Back in June this year, Microsoft launched a Windows 8.1 bug bounty campaign, with the intention of encouraging more security researchers to find and report security flaws in its newest operating system.
The programs were a success, with a number of exploits revealed in both Windows 8.1 and Internet Explorer 11, and these have been fixed during the development process. But now with both flagship products alive and kicking, the company has announced an extension of the program.
Redmond shared the details, revealing that it is now accepting mitigation bypass techniques that can be submitted by responders and forensic experts:
“Today’s news means we are going from accepting entries from only a handful of individuals capable of inventing new mitigation bypass techniques on their own, to potentially thousands of individuals or organizations who find attacks in the wild. Now, both finders and discoverers can turn in new techniques for $100,000.”
Up until now, only a single person won the $100,000 bounty for Windows 8.1, though a number of experts qualified for the second bounty program that unearthed flaws in Internet Explorer 11.
Organizations must preregister with Microsoft by emailing at an address listed in the link above, before they can submit any exploits that they may have discovered. Along with the jackpot bounty, experts are also eligible to receive up to $50,000 from the company if they also submit a qualifying defense idea.
All Comments