Skip to main content
Rate:  

Bounty Hunters: The Honor Roll

The following researchers have submitted a qualifying vulnerability or new mitigation bypass techniques to Microsoft as part of the Microsoft Security Response Center (MSRC) Bounty Programs. We thank them greatly for their participation and for working with us to help keep customers safe.

Please send vulnerability reports or questions about the Microsoft Bounty Programs to secure@microsoft.com.

Total bounties paid to date: Over $500,000.00

Mitigation Bypass

NameCompanyAmountYearDonation
to Charity
Ivan Fratric
(@ifsecure)
Google, Inc$25,0002015 
Yu Yang
(@tombkeeper )
Tencent's
Xuanwu Lab
$10,0002015 
AbdulAziz Hariri
(@abdhariri)

Brian Gorenc (@maliciousinput)

Simon
Zuckerbraun
(@HexKitchen)
HP's ZDI$125,0002015 Concordia
University
Montreal


Khan Academy

Texas
A&M University
Zhang Yunhai
(@f0rgetting)
NSFOCUS
Security
Team
$50,0002014 
James Forshaw
(@tiraniddo)
Context Security$100,0002013 
Fermin J. Serna
(@fjserna)
Google, Inc$25,0002013 
Yu Yang
(@tombkeeper)
NSFOCUS
Security Team
$100,0002013 

Microsoft Edge Technical Preview

Online Services

Current quarter

NameLinkQuarter - Year
Adi Ivascu Q2 2015
Darius Petrescu https://twitter.com/akkilion_/Q2 2015
Deepanshu Kapoor http://deepanshukapoor.blogspot.com/Q2 2015
Ignacio Garrido https://www.versprite.com/Q2 2015
Jyoti Ranjan Acharya https://www.facebook.com/jyoti.racharyaQ2 2015
Neelesh Swami https://www.facebook.com/neelesh.swamiQ2 2015
Nicolai Grødum https://www.cisco.com/Q2 2015
Sergey Markov Q2 2015
Shahmeer Amir https://www.maadssec.com/Q2 2015
Wesley Wineberg https://www.synack.com/Q2 2015

Previous quarters

NameLinkQuarter - Year
Adi Ivascu Q1 2015
Ben Hayak http://www.benhayak.comQ1 2015
Darius Petrescu https://twitter.com/@akkiliON_Q1 2015
Francisco Correa https://cl.linkedin.com/pub/franciscocorrea/76/428/7baQ1 2015
Jack "fin1te"
Whitton
http://www.includesecurity.com/Q1 2015
Jon https://bitquark.co.uk/Q1 2015
Mario Gomes http://twitter.com/netfuzzerQ1 2015
Prakash http://www.ensolnepal.com and
https://twitter.com/1lastbr3ath
Q1 2015
Sergey Markov Q1 2015
Stephen Sclafani http://stephensclafani.comQ1 2015
Yash Pandya http://yashpandyasecuritytester.blogspot.in/Q1 2015
Yunusov Timur http://twitter.com/a66atQ1 2015
Zhang Xujun https://twitter.com/midzer0Q1 2015
Adi Ivascu Q4 2014
Aditya Gujar http://www.betterhacker.com/Q4 2014
Alex Davies https://pwndizzle.blogspot.com/Q4 2014
Clifford Trigo http://www.twitter.com/MrTrizaeronQ4 2014
Cernica Ionut
Cosmin
https://ro.linkedin.com/pub/cernica-ionut/45/447/ba8Q4 2014
Darius Petrescu https://twitter.com/@akkiliONQ4 2014
Francisco Correa http://cl.linkedin.com/pub/francisco-correa/76/428/7baQ4 2014
Frans Rosén https://detectify.com/Q4 2014
Ghorab Mostafa Anouar https://www.facebook.com/GHORAB.Mostafa.AnouarQ4 2014
Jack "fin1te"
Whitton
http://www.includesecurity.com/Q1 2014
Jakub Żoczek http://zoczus.blogspot.com/Q4 2014
John Koerner http://johnkoerner.com/Q4 2014
Juan SaccoJuan Sacco Exploit Pack http://exploitpack.com/Q4 2014
Mariano Di Martino Q4 2014
Mathias Karlsson http://avlidienbrunn.se/Q4 2014
Nikhil Srivastava https://twitter.com/niksthehackerQ4 2014
Olivier Beg Q4 2014
Ravindra Rathore http://aksitservices.co.in/Q4 2014
Neelesh Swami http://www.facebook.com/neelesh.swamiQ4 2014
Sergey Markov Q4 2014
Stephen Sclafani http://stephensclafani.com/Q4 2014
Wesley wesley@exfiltrated.com www.synack.comQ4 2014
Yunusov Timur http://twitter.com/a66atQ4 2014

Internet Explorer 11 Preview (PROGRAM CLOSED)

NameCompanyVulnerabilities FoundAmount AwardedDonation to CharityYear
James Forshaw
(@tiraniddo)
Context Security4$4,400
* Received $5,000 bonus for finding cool IE design vulnerabilities
 2013
Fermin J. Serna
(@fjserna)
Google, Inc1$500Save the Seattle Humane Society2013
Jose Antonio Vazquez Gonzalez Yenteasy -Security Research5$5,500World Food Program USA2013
Ivan Fratric Google, Inc. Security Team1$1,100Save the Children Fund2013
Masato Kinugawa 2$2,200 2013
Peter Vreugdenhil Exodus Intelligence1*Tier 1 2013

Want to know more?

BlueHat Archive

See past BlueHat Sessions

BlueHat v12

BlueHat v11

BlueHat v10