Microsoft ups the ante on $100,000 exploit bounty prize

Earlier this year, Microsoft announced it would offer up to $100,000 to third party security researchers if they found and reported exploits in Windows 8.1. A few weeks ago, Microsoft awarded the first $100,00 bounty in their program to researcher James Forshaw. Today, Microsoft announced that even more people can now have a shot at receiving that $100,000 prize.

In a post on the BlueHat blog, Microsoft stated that responders and forensic experts who find active attacks in the wild can now submit their mitigation bypass techniques to Microsoft. It added:

Today’s news means we are going from accepting entries from only a handful of individuals capable of inventing new mitigation bypass techniques on their own, to potentially thousands of individuals or organizations who find attacks in the wild. Now, both finders and discoverers can turn in new techniques for $100,000.

The organizations must pre-register with Microsoft by emailing them at doa@Microsoft.com before submitting any exploits they may have discovered. In addition to the big $100,000 bounty, those groups are eligible to receive up to $50,000 from Microsoft if they also submit a qualifying defense idea. Microsoft says they will pay bounties even if the exploits are found to be currently used in attacks on Windows.

Source: Microsoft | Image via Microsoft

Report a problem with article
Previous Story

Google forces MetroTalk to be pulled from Windows Phone store

Next Story

Images of Nokia Lumia 525 leak

1 Comments

Commenting is disabled on this article.

$100K...I'm sure it comes to a point where it's more worthwhile selling these exploits back to MS rather than the black hats.

Not that I have any idea what a good exploit goes for.