If you think you can track down bugs and vulnerabilities in Windows you might be able to turn that skill into cold, hard cash. Microsoft has launched the Windows Bounty Program and is offering between USD$500 and USD$250,000 if you report through their Coordinated Vulnerability Disclosure policy.
While this isn’t Microsoft’s first bug bounty program this new program is a significant expansion.
The new bounties are substantially larger, moving from a previous maximum of $100,000. And rather than looking for bugs that address specific issues, it now covers any critical or important class remote code execution, elevation of privilege, or design flaws that compromises a customer’s privacy and security.
There are some specific focus areas – issues with Hyper-V offer the biggest bounties but even issues in the Slow Ring for Insider Builds can deliver up to USD$15,000.
Further details can be found on the TechNet Blog.
Are you a bug bounty hunter? Are any Lifehacker readers making a living by detecting and reporting bugs? It would be great to hear from you.
Comments