Alexander Miller, as the boy is called, had previously reported a Firefox vulnerability, but was not eligible for cash payment, ranging from $500 to $3,000.The $3,000 promised motivated the student to spend a couple of hours a day finding bugs in Mozilla's products. And from what they say he achieved it by identifying a critical security flaw in the Firefox web browser.
A discovery not easy according to the head of security of Mozilla and that few can detect since it is a very technical area. And how has a 12-year-old boy without qualification detected it? They say that he is one of those self-taught geniuses passionate about technology who soak up technical books in their spare time.
In addition to discovering new talent, it seems that the recent increase in the financial endowment of Mozilla's reward program for discovering vulnerabilities pays off. A strategy that Google also follows for Chrome and that allows – thanks to community collaboration – to patch critical software bugs before it is publicly disseminated and exploited to distribute malware.
The vulnerability, which can cause an attacker to potentially execute arbitrary code on the victim's computer, was patched this week in Firefox 3.6.11 and Firefox 3.5.14.
Source: Blog Antivirus and Muy Computer
