CRN : Daily Archives : Microsoft Places $250K Bounties On Hackers : 2:38 PM EST Wed., Nov. 05, 2003: "Microsoft placed a $250,000 bounty on the respective heads of the MSBlaster and So.Big virus writers as part of a $5 million program it launched here on Wednesday with the FBI, Secret Service and Interpol to fight cybercrime. "
This is cool with me...as long as the offer the same bounty for people who can fix their security holes.
Microsoft should have some degree of culpability for the software they sell. However, that big long contract you have to sign before you use their software indemnifies them of all responsibility. So, obviously, their security problems are the fault of someone else.