Register for Semperis' Hybrid Identity Protection (HIP) Conference - June 30 - July 1 Register for Semperis' Hybrid Identity Protection (HIP) Conference - June 30 - July 1
Windows 10

Microsoft Launches Windows Bug Bounty Program Because Late Is Better Than Never

If you find a bug in a popular application from a large company, there is a good chance that they offer a ‘bug bounty’ program where you can report the issue and make a little bit of money for uncovering the flaw. These programs have been around for some time but surprisingly, Microsoft did not offer a reward for reporting issues with Windows.

Starting today, Microsoft is expanding programs it has offered as far back as 2012, to include Windows 10 in addition, to focus areas in Hyper-V, Mitigation bypass, Windows Defender Application Guard, and Microsoft Edge. Payouts can range from as low as $500 for finding a flaw in an Insider preview build to $250,000 for an issue with Hyper-V.

These types of bounty programs are necessary in a world where exploits found in a program can be sold to nation states or to other malicious groups to create ransomware. With Microsoft now offering a direct payout for reporting security flaws in its products for Windows, the goal is to reduce the number of exploits released in the wild and make Windows a more secure product.

What’s odd is that it has taken Microsoft this long to create a Windows 10 bounty program. You would think they would want everyone to report any flaw to them right away but when there is financial gain to be made by keeping an exploit private, there is little incentive to do so unless Microsoft was willing to offer a reward which they previously were not doing.


Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Brad Sams has more than a decade of writing and publishing experience under his belt including helping to establish new and seasoned publications From breaking news about upcoming Microsoft products to telling the story of how a billion dollar brand was birthed in his book, Beneath a Surface, Brad is a well-rounded journalist who has established himself as a trusted name in the industry.

Register for the Hybrid Identity Protection (HIP) Europe Conference!

Hybrid Identity Protection (HIP) Europe 2021 - Virtual Conference

Mobile workforces, cloud applications, and digitalization are changing every aspect of the modern enterprise. And with radical transformation come new business risks. Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric practitioners. At the inaugural HIP Europe, join your local IAM experts and Microsoft MVPs to learn all the latest from the Hybrid Identity world.