Microsoft Launches Windows Bug Bounty Program Because Late Is Better Than Never

Microsoft launches Windows bug bounty program with rewards ranging from $500 to $250,000

Microsoft expands bug bounty program

This is also not the first to target Windows features - the company has launched many Windows-specific bounties starting in 2012.

This means everyone finding such a bug is eligible for a bounty, but the software giant explains that if someone has already discovered the bug which has been reported internally, only 10 per cent of the highest amount which they could have received would be paid.

That is now a possibility with Microsoft making Windows a 10 a permanent part of its bug bounty program and increasing monetary rewards.

Bounty payouts will range from $500 United States dollars to $250,000 USD.

If you're interested in the maximum quarter-million bounty rewards, your only option is Hyper-V program, although you have multiple Microsoft's operating systems to choose from: Windows 10, Windows Server 2012, Windows Server 2012 R2, and Windows Server Insider Preview. "Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities", Microsoft said.

"All security bugs are important to us and we request you report all security bugs", the company explains.

The company said the programme will include all features of the Windows Insider Preview in addition to focus areas in Hyper-V, Mitigation bypass, Windows Defender Application Guard, and Microsoft Edge.

The Mitigation Bypass and Bounty program's highest reward of $200,000, but there you can exclusively target Windows 10.

Under the new terms, those who find a vulnerability in the slow Windows Insider release track will be awarded $30,000.

Participants who find remote code execute bugs within a Windows Insider Preview or the Edge web browser will be awarded up to $15,000 with privilege escalation, remote denial of service and information disclosure exploits. Paying a bounty costs the company only a little compared to fixing loopholes after it's too late.

Latest News