Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Microsoft Security The Almighty Buck Windows

Microsoft Launches Windows Bug Bounty Program With Rewards Ranging From $500 To $250,000 (venturebeat.com) 34

Microsoft on Wednesday announced the Windows Bounty Program. Rewards start at a minimum of $500 and can go up to as high as $250,000. From a report: To be clear, Microsoft already offers many bug bounty programs. This is also not the first to target Windows features -- the company has launched many Windows-specific bounties for those starting in 2012. The Windows Bounty Program, however, encompasses Windows 10 and even the Windows Insider Preview, the company's program for testing Windows 10 preview builds. Furthermore, it also has specific focus areas: Hyper-V, Mitigation bypass, Windows Defender Application Guard, and Microsoft Edge.
This discussion has been archived. No new comments can be posted.

Microsoft Launches Windows Bug Bounty Program With Rewards Ranging From $500 To $250,000

Comments Filter:
  • Okay Dokey (Score:4, Funny)

    by fahrbot-bot ( 874524 ) on Wednesday July 26, 2017 @01:42PM (#54884831)

    I mailed in a Windows 10 Install DVD. When do I get my check for $250k?

  • I thought I would be newly rich as my technet / microsoft forums account only exists to file all the monthly bugs i find in windows. But then i read its only certain types of bugs that are eligible:

    "Any critical or important class remote code execution, elevation of privilege, or design flaws that compromises a customerâ(TM)s privacy and security will receive a bounty"

    oh well! I continue to do QA for free then i guess.

    • by mysidia ( 191772 )

      Also, Microsoft has historically quite the reputation of downplaying discovered bugs with security impact or reclassifying as lower impact, Until an actual exploit is publicized that defeats all mitigations.

      Doubt the bounty will help matters. Merely discovering a bug is not enough --- you're going to need to build the exploit to.

      Once you have a RCE exploit, you could PROBABLY make a lot more than $250k selling that to the CIA, etc.

  • by sproketboy ( 608031 ) on Wednesday July 26, 2017 @02:11PM (#54885103)

    > Furthermore, it also has specific focus areas: Hyper-V, Mitigation bypass, Windows Defender Application Guard, and Microsoft Edge.

    Yeah but then I'd have to use Microsoft Edge.

Our policy is, when in doubt, do the right thing. -- Roy L. Ash, ex-president, Litton Industries

Working...