Microsoft to reward up to $250,000 bounty to bug finders


San Francisco, Jul 27 (IANS): To ensure Windows 10 is secure and bug-free, Microsoft has announced a fresh round of Windows Bounty Programme that will reward the bug finders up to $250,000 if they are able to discover exploits in Microsoft's virtualisation software.

Bounty payouts will range from $500 to $250,000.

Microsoft has been running the bounty programme since 2012 but the company is expanding it to cover more ground in Windows 10.

According to a blog post on the company's website late on Wednesday, any critical or important class remote code execution, elevation of privilege or design flaws that compromises a customer's privacy and security will receive a bounty.

"Security is always changing and we prioritise different types of vulnerabilities at different points in time. Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities," the blog post read.

The other focus areas include 'Mitigation Bypass' (things that break Microsoft's security sandboxing), 'Windows Defender Application Guard', 'Microsoft Edge' and 'Windows Insider Preview'.

"If a researcher reports a qualifying vulnerability already found internally by Microsoft, a payment will be made to the first finder at a maximum of 10 per cent of the highest amount they could've received," the company announced.

Other tech giants like Google, Facebook and Apple have also employed the same tactics to detect bugs and exploits.

  

Top Stories


Leave a Comment

Title: Microsoft to reward up to $250,000 bounty to bug finders



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.