Microsoft Launches Bug Bounty Program For Windows, Increases Hyper-V Bounty Payouts

Bill Rogers
July 28, 2017

It should be worth noted that is not the first bounty program to target Windows features - as the software giant has launched many Windows-specific bounties starting way back in 2012.

The bug bounty program "will continue indefinitely at Microsoft's discretion", the company added.

If you find a bug in a popular application from a large company, there is a good chance that they offer a "bug bounty" program where you can report the issue and make a little bit of money for uncovering the flaw.

Bounty payouts will range from $500 to $250,000. Hyper-V is now top priority, as a bad bug in that code can earn you up to US$250k, $50k more than is on offer for any other bug and an increase on previous payments for those who find critical remote code execution, information disclosure and denial of services vulnerabilities in the virtualization code.

The program will also include bounties for discovering vulnerabilities in four related "focus areas", including Hyper-V, which will feature a payout range of $5,000 to $250,000.

More news: Microsoft says MS Paint is not dead

That is not to say that the bug bounty programs specifically focused on any of these areas will be terminated - they will not.

A total bypass of all mitigation technologies incorporated in Windows 10 can result in a paid bounty that can reach as high as $100,000.

The company has been running bug bounty programs, wherein security researchers are financially rewarded for discovering and reporting exploitable flaws, since 2013. However, the exploit needs to work on the latest release of the Windows Insider Preview slow ring.

In addition to the payouts for the first person to discover the bugs, Microsoft is also offering to pay out 10% of the corresponding reward to the first person to report any bugs that are discovered internally but have not been published yet.

Other reports by TheSundaySentinel

Discuss This Article