Sci-tech

Windows Bounty Program Offers Up to $250K Per Bug

Windows Bounty Program Offers Up to $250K Per Bug”

The top money reward is for bugs discovered in Microsoft's Hyper-V virtualisation software, but more modest rewards start at $500 (£382) for critical or important remote code execution flaws found in Windows. And payouts from $500 to $250,000 is one heck of an incentive to go looking for bugs. The new programs will have a maximum payout of $250,000 for a Hyper-V exploit with Remote Code Execution, and a maximum of $200,000 for Windows 10 exploits that are "Novel & fundamental advancement [s] in exploitation technology that universally bypasses current mitigations".

The newly-launched bounty program is not tied to any specific program but aims to make sure Windows packages not covered by other bounty scheme are being monitored. Microsoft's new program not only covers Windows 10 but also Windows Insider Preview which is geared towards testing new preview builds of its operating system as well.

- All security bugs are important to us and we request you report all security bugs to secure@microsoft.com via Coordinated Vulnerability Disclosure (CVD) policy.

The other focus areas include "Mitigation Bypass" (things that break Microsoft's security sandboxing), "Windows Defender Application Guard", "Microsoft Edge" and "Windows Insider Preview". 'Security is always changing and we prioritise different types of vulnerabilities at different points in time. These programs have been around for some time but surprisingly, Microsoft did not offer a reward for reporting issues with Windows.

"These bounty programs help Microsoft harness the collective intelligence and capabilities of security researchers to help protect customers". Rewarding security researchers with bounties costs peanuts compared to paying for a serious security snafu.



Like this

Latest


27 July 2017
McCain calls on both parties to work together
He also reminded senators that their responsibility was to serve as an "important check" on the powers of the president. This isn't the first time Ward has received national attention for her comments on McCain's health.

27 July 2017
BCCI adopts all Lodha reforms expect five having 'practical difficulties'
However, the Lodha panel had recommended that the majority of the power should be in the hands of the CEO. Interestingly, Choudhary insisted that the board has accepted all the recommendations.

27 July 2017
Man Booker Longlist 2017 Announced
Paul Auster, Colson Whitehead and past victor Arundhati Roy are among contenders for this year's Man Booker Prize for fiction. Now, the judges of the prize will re-read these 13 novels and shortlist six, which will be announced on 13 September.

27 July 2017
McCain, battling cancer, returns to Senate for critical health care vote
The health industry has watched the debate nervously, and after the vote some groups urged the Senate to reconsider its approach. After a brief wave of acknowledgement, McCain swiftly cast a "yes" vote, followed seconds later by Johnson's aye.

27 July 2017
Bellecapital International Ltd. Has $425000 Position in Gilead Sciences, Inc. (NASDAQ:GILD)
Alton sold 40,000 shares of the business's stock in a transaction on Friday, July 21st. ( GILD ) is its Earnings per Share or EPS. To measure price-variation, we found GILD's volatility during a week at 1.64% and during a month it has been found around 1.65%.

27 July 2017
Twitter stalls, fails to add new users this quarter
Better yet, shares have stopped logging lower major lows, and are on the cusp of a new 52-week high. In the most recent quarter, the company's revenue fell 5% from the same period a year earlier.

27 July 2017
The Transformation Is Paying Off — PayPal Earnings
The firm owned 243,279 shares of the credit services provider's stock after buying an additional 148,980 shares during the period. In the second quarter, PayPal reported profit excluding some costs of 46 cents a share, beating the average estimate of 43 cents.

27 July 2017
Analysts Near-Term outlook: The Procter & Gamble Company (PG), Gevo, Inc. (GEVO)
Natixis invested 0.01% of its portfolio in H & R Block Inc (NYSE:HRB). 29,819 are owned by Great West Life Assurance Company Can. Blackrock Invest Management Limited Liability Com holds 0.07% of its portfolio in SYSCO Corporation (NYSE:SYY) for 1.14M shares.

27 July 2017
Marlins outscore Rangers 22-10, set franchise record for runs
The first four Marlins reached on two doubles and two singles before Darvish recorded his first out of the inning. Rangers: Before a weekend series at home against Baltimore, the Rangers have a day off Thursday.

27 July 2017
How Many Suncor Energy Inc. (TSE:SU)'s Analysts Are Bullish?
The Firm operates in three business divisions: Oil Sands, Exploration and Production (E&P), and Refining and Marketing. Suncor Energy ( NYSE SU ) traded up 0.23% on Monday, hitting $30.71. 2,079,945 shares of the company traded hands.



Recommended