Microsoft based the anti-ROP settings in EMET on Fratric's work.

"Ivan's idea was the one that could be mitigated the fastest," said Mike Reavey, senior director of the Microsoft Security Response Center (MSRC), in an interview. "His was very practical."

Reavey cautioned that Fratric was not necessarily the winner of the BlueHat Prize, even though Microsoft chose his technology to deploy first.

Fratric seconded that. "The ease or difficulty of integrating the technology into existing tools does not imply that it is any more or less effective," Fratric said in an email reply to questions today. "According to the criteria that the BlueHat Prize judges used, only 30% of the score was generated based on how 'practical and functional' the entry was. The remaining 70% of the score was given on the basis of 'robustness' and 'impact.'"

But Fratric was still pleased to see Microsoft use his ROPGuard concept in EMET.