In an announcement on the iDefense Labs website, the company said that the challenge is designed to ferret out early weaknesses in both Microsoft releases.
"It is not surprising that the decision to update to the current release of Internet Explorer 7.0 and/or Windows Vista is fraught with uncertainty," read the note. "Primary in the minds of IT security professionals is the question of vulnerabilities that may be present in these two groundbreaking products."
The challenge is open through to 31 March. In addition to the awards, iDefense Labs said it will also pay a bonus of between US$2,000 to US$4,000 for code that exploits the submitted vulnerability.
Microsoft has long been a critic of programs, such as iDefense Labs' quarterly challenges, which pay researchers for vulnerabilities.
"Microsoft is aware of iDefense offering compensation for information regarding security vulnerabilities," a company spokesperson told SCMagazine.com today.
"Microsoft does not offer compensation for information regarding security vulnerabilities and does not encourage that practice. Microsoft doesn't want to speculate on the motives of third-party researchers but will say that [it] is committed to working with them closely on the issues that they bring to our attention."
The spokesperson went on to say that the company "does not oppose programs that work through the established process for responsible disclosure and do not put customers at risk."
Click here to email West Coast Bureau Chief Ericka Chickowski.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
