|Microsoft Offers $100,000 For Novel Exploits|
|Written by Sue Gee|
|Friday, 21 June 2013|
Microsoft has announced a bounty program with generous payouts for discovering the weaknesses in Windows 8.1 while it it still in preview. It is also offering up to $11,000 per bug for vulnerabilities in IE11.
Unlike Google, Facebook and others, Microsoft hasn't had an ongoing bounty scheme, although last year it awarded a total of $260,000 to three winners in its BlueHat Prize competition.
It seems that Microsoft regarded that competition as a success and now has a three-pronged campaign to eradicate the bugs from Windows 8.1 and IE11 before they reach end users and it is offering direct cash payouts in exchange for reporting certain types of vulnerabilities and exploitation techniques.
The following three routes to earning cash for exposing bugs are open to individual researchers or those working for an organization that permits participation who are aged 14 or older (minors need parental consent) and on a worldwide basis, with the usual exceptions:
It is not usual to offer a bounty for bugs on beta software but Microsoft argues:
Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would.
All three programs start on June 26th - the date of release of the preview of Windows 8.1. The IE11 Preview Bug Bounty runs for 30 days, i.e. until July 26th while the other two have open-ended time frames.
To be informed about new articles on I Programmer, install the I Programmer Toolbar, subscribe to the RSS feed, follow us on, Twitter, Facebook, Google+ or Linkedin, or sign up for our weekly newsletter.
or email your comment to: firstname.lastname@example.org
|Last Updated ( Friday, 21 June 2013 )|