Fratric is also well known: In 2012, before he joined Google, he won second place and $50,000 in Microsoft's BlueHat Prize, a contest the Redmond, Wash. company launched to acquire new technologies to block return-oriented programming, or ROP, a technique often used to sidestep DEP, or data execution prevention, one of Windows' main anti-exploit technologies.
Storms rated the IE11 program a success, if only because, as Microsoft's first true bug bounty, it was a milestone. But he also characterized the quantity of reported vulnerabilities as "a healthy number" in an interview via instant message today.
"If you consider the number of CVEs for IE patched on any given Patch Tuesday, this lot probably represents one or two months of IE bulletins," Storm said.
Microsoft will release the final of IE11 for Windows 8 and Windows RT on Oct. 17, when it offers the Windows 8.1 update to current users. IE11 on the more popular Windows 7 is to ship some time this fall.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is firstname.lastname@example.org.
Read more about malware and vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.