The software maker also released a much-anticipated update to Internet Explorer, which it said fixes a bug that made users of the world's most popular browser vulnerable to remote attack. The bug is more than just a minor hole in the code, Forshaw found a new "exploitation technique" in Windows. For Microsoft, it means that that it can develop defenses against an entire class of attacks. Forshaw earned another $9,400 for identifying security bugs in a preview release of Microsoft's Internet Explorer 11 browser.
Forshaw has been credited with identifying several dozen software security bugs. HP awarded him a large bounty for identifying a way to take control of Oracle's Java software. Microsoft also released an automatic update to Internet Explorer on Tuesday afternoon to fix a security bug that it first disclosed last month.
Researchers say hackers initially exploited that flaw to launch attacks on companies in Asia in an operation that the cybersecurity firm FireEye has dubbed DeputyDog.