Skip to main content

Microsoft launches Windows Bounty program, offering awards up to $250,000



Microsoft has been running a bounty program for a few years now, launching it just ahead of the release of Windows 8.1 back in mid-2013. At the time, the company was awarding up to $50,000 for exploits, in an attempt to help address any potential security issues before they could become a larger public concern. It’s a tact taken by a number of tech’s biggest names, like Google, Facebook and, more recently, Apple.

The software giant’s expanding things a bit today, with the simply named “Windows Bounty Program.” It’ll cover a bit more ground in Windows 10, and features much loftier rewards for bug finders (thus perhaps making it a bit more compelling over selling the exploits to the highest-bidding third party.) This time out, awards go all the way up to $250,000 for anyone who’s able to discover exploits in Microsoft Hyper-V, the company’s virtualization software.

Of course, that’s on the high end. The awards start at $500 and will be handed out to, “any critical or important class remote code execution, elevation of privilege, or design flaws that compromises a customer’s privacy and security.” Other points of focus include Mitigation Bypass (things that break Microsoft’s security sandboxing) and Bounty for Defense, Windows Defender Application Guard, Microsoft Edge and, most notably, Windows Insider Preview, the company’s early access program for Windows 10 builds.


There is, naturally, some fine print here. For starters, if a Microsoft employee spots an issue first, the company will still offer an award to the first person outside the company who details it — but it will only be 10 percent of the maximum amount offered, meaning it only goes up to $25,000. Even so, that marks a change from the way many other companies approach their respective programs, declining bounties for exploits that had already been discovered internally but not yet disclosed.

Ready to start poking around? Here’s the full list of categories Microsoft is interested in and their respective bounties. Microsoft says it will keep the program running indefinitely in its current form

More@ https://www.technapping.com

Source: Techcrunch

Comments

Popular posts from this blog

WTF is bitcoin cash and is it worth anything?

Early yesterday morning bitcoin’s blockchain forked — meaning a separate cryptocurrency was created called bitcoin cash . The way a fork works is instead of creating a totally new cryptocurrency (and blockchain) starting at block 0, a fork just creates a duplicate version that shares the same history. So all past transactions on bitcoin cash’s new blockchain are identical to bitcoin core’s blockchain, with future transactions and balances being totally independent from each other. For practical matters, all this really means is that everyone who owned bitcoin before the fork now has an identical amount of bitcoin cash that is recorded in bitcoin cash’s forked blockchain. But it’s not exactly this easy. If you control your own private keys, or hold your bitcoin in an exchange that said it would credit users’ balances with bitcoin cash, you’re fine and can access your newfound cryptocurrency right now. If you held your bitcoin with a provider like Coinbase, which said before the fork t...

Google Maps suggests BlaBlaCar for long-distance rides

Google Maps on Android and iOS now has a new transportation option. If you live in a country where French startup BlaBlaCar operates, you can now open the BlaBlaCar app and book a ride straight from Google Maps. Google isn’t adding a new tab just for BlaBlaCar. Instead, BlaBlaCar appears as a new option in the public transportation tab. For instance, if you’re looking at ways to go from Paris to Lyon, Google Maps suggests taking the TGV train — and now also BlaBlaCar. The app gives you an ETA for each transportation mode so that you can compare how long it’s going to take if you opt for the train or BlaBlaCar. Google Maps uses the same ETA for BlaBlaCar and a normal car ride. It also estimates the cost of a BlaBlaCar ride. BlaBlaCar is a ridesharing service for long-distance rides between two cities. It has tens of millions of members in dozens of countries. Think about it as a sort of Airbnb for carpooling. When you are driving from one city to another, BlaBlaCar can help you fi...

Carwow, a UK startup that helps you buy a new car, raises $39M Series C

Carwow , a platform that helps you buy a new car, has closed $39 million in Series C funding. The round was led by new investor Vitruvian Partners, with existing investors Accel Partners and Balderton Capital also participating. At today’s exchange rate it brings total funding to approximately $62.6 million. Founded in late 2010, Carwow originally launched as a car review aggregator before pivoting to become a site that claims to improve the experience of buying a new car. It allows consumers to compare offers online and buy directly from ‘trusted’ dealers that are registered with the platform, specifically avoiding the arduous but otherwise necessary requirement to haggle over price and in a way that potentially introduces more transparency. Specifically, through Carwow you can research, select and configure new cars before receiving and offers from U.K. franchised dealers. The idea is that you can then make an informed decision on those offers based on price, location, dealer rating...