Thursday, 23 November 2017
Latest news
Main » Microsoft Extends Bug Bounty Program for All Windows 10 Features

Microsoft Extends Bug Bounty Program for All Windows 10 Features

28 July 2017

If you're interested in the maximum quarter-million bounty, your only option is Hyper-V program, although you have multiple operating systems to choose from: Windows 10, Windows Server 2012, Windows Server 2012 R2, and Windows Server Insider Preview.

The program covers four different categories and gives good acting hackers, and researchers monetary payouts ranging from $500 to up to $250,000 for successfully reporting exploits found in various Windows features. Rewards start at a minimum of $500 and can go up to as high as $250,000.

The expanded "sustained" bug bounty program will offer up to US$15,000 for the discovery of vulnerabilities in Windows 10 Insider Preview slow ring.

Participants who find remote code execute bugs within a Windows Insider Preview or the Edge web browser will be awarded up to $15,000 with privilege escalation, remote denial of service and information disclosure exploits.

AstraZeneca lung cancer failure sparks 16 percent share fall
Despite income from several disposals and external deals, revenues slipped 9% (at constant exchange rates) to US$10.46bn. Given that the focus around AstraZeneca is on its pipeline, the first half results played second fiddle this morning.

Under the new terms, those who find a vulnerability in the slow Windows Insider release track will be awarded $30,000.

"If a submission reproduces in a previous WIP Slow build but not the current WIP Slow at the time of your submission, then the submission is ineligible", Microsoft said in an explanatory note.

That is not to say that the bug bounty programs specifically focused on any of these areas will be terminated - they will not. They "will continue indefinitely at Microsoft's discretion", the security response team said.

Following that initial programme, Microsoft has been slowly extending its bounty offerings: in 2014 its Bounty Hunter programme reached £182,860 in payouts with a major chunk going to researcher Yang Yu, in 2015 it added Project Spartan, now known as Microsoft Edge, to the programme, and earlier this year boosted the maximum payouts available for selected software under the programme.

Microsoft Extends Bug Bounty Program for All Windows 10 Features