Microsoft launches new Windows bug bounty programme

Lynne Hanson
Июля 28, 2017

Payouts for discovering Windows Insider Preview bugs will range from $500 to $15,000.

That is now a possibility with Microsoft making Windows a 10 a permanent part of its bug bounty program and increasing monetary rewards. "Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities". Microsoft is also focusing on the Mitigation bypass and Microsoft Edge, and participants who identify a bug are eligible for $100,000 and $15,000, respectively. The previous maximum Hyper-V payout was $150,000. Rewards start at a minimum of $500 and can go up to as high as $250,000.

Many of these bounty programs were time-limited, covering software during its beta/development period but ending once it was released.

Читайте также: China raises 'major problems' as Doval meets China's top diplomat

It's always better to find and fix a hole before it becomes a massive problem, especially when it comes to security issues.

Following that initial programme, Microsoft has been slowly extending its bounty offerings: in 2014 its Bounty Hunter programme reached £182,860 in payouts with a major chunk going to researcher Yang Yu, in 2015 it added Project Spartan, now known as Microsoft Edge, to the programme, and earlier this year boosted the maximum payouts available for selected software under the programme. Other points of focus include Mitigation Bypass (things that break Microsoft's security sandboxing) and Bounty for Defense, Windows Defender Application Guard, Microsoft Edge and, most notably, Windows Insider Preview, the company's early access program for Windows 10 builds. Such programs make it easier for tech companies to look for security flaws before they wreak havoc in one way or another. Rewarding security researchers with bounties costs lesser as compared to paying for a serious security mix-up.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2017 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Other reports by

Discuss This Article