Windows Bounty Program Offers Up to $250,000 Per Bug

In a bid to make Windows 10 and Windows Server more secure, Microsoft turns to the wider security community and tempts them with very healthy cash rewards.
Windows Bounty Program Offers Up to $250,000 Per Bug
Image credit: Microsoft via PC Mag

Grow Your Business, Not Your Inbox

Stay informed and join our daily newsletter now!
Senior Editor
2 min read
This story originally appeared on PCMag

Bug bounty programs are a very efficient way of getting the wider security community involved in helping to protect a piece of software. In return for spending time trying to break through the security of any given system, you can earn some cash and a little bit of fame.

This week, Microsoft announced the Windows Bounty Program, challenging "friends, hackers and researchers" to break into any and all parts of Windows 10 and Windows Server.

Microsoft isn't new to the bug bounty game. Mitigation Bypass Bounty and Bounty for Defense programs have been running since 2013, and a Microsoft Edge bounty has been in place since August 2016. The latest bounties are really more of an expansion of what's already in place and includes the Windows Insider Preview, Windows Defender Application Guard and Microsoft Hyper-V.

Rewards range anywhere from $500 right up to $250,000 for the most serious Hyper-V bugs. Hyper-V is Microsoft's solution for running virtual machines and helps power the Azure cloud computing service, so you can see why Microsoft would like to identify and fix any vulnerabilities there quickly. In order to earn $250,000 you need to identify a vulnerability that qualifies as Remote Code Execution, Information Disclosure or a Denial of Service.

A nice additional feature of this bounty program is the 10 percent reward. If a bug is reported that Microsoft already discovered internally, the first finder will still receive 10 percent of the qualifying reward. So if they found a vulnerability worth $250,000, which Microsoft already knows about internally, they'll still receive $25,000.

Taken as a whole, Microsoft is clearly very keen to ensure its core products of Windows 10, Windows Server, the Edge browser and Windows Defender are as secure as possible. And with the rate at which new threats appear, it would be almost impossible to keep up relying solely on an internal security team at Microsoft.

More from Entrepreneur
Entrepreneur Select: A Fund For Entrepreneurs, By Entrepreneurs

Entrepreneurs require more than just money, which is why we aim to empower you, as well as act as a catalyst for value creation.

Discover the franchise that’s right for you by answering some quick questions about
  • Which industry you’re interested in
  • Why you want to buy a franchise
  • What your financial needs are
  • Where you’re located
  • And more
Make sure you’re covered for physical injuries or property damage at work by
  • Providing us with basic information about your business
  • Verifying details about your business with one of our specialists
  • Speaking with an agent who is specifically suited to insure your business

Latest on Entrepreneur