At the same time, one engineer at Microsoft, Thomas Garnier, had also found a variant of this class of attack technique. Microsoft engineers like Thomas are constantly evaluating ways to improve security, but James’ submission was of such high quality and outlined some other variants.
According to Katie Moussouris, the reason MS pays so much more for a new attack technique versus for an individual bug is that learning about new mitigation bypass techniques helps MS develop defenses against entire classes of attack.