Microsoft has launched a new Windows Bounty Program, designed to expand its existing security bug bounty programs. While the software giant has previously paid out $100,000 for Windows 8.1 bugs, this new program will see the software giant pay out far more for serious Hyper-V flaws in Windows 10 or Windows Server operating systems.
Microsoft will now pay up to $250,000 for severe Hyper-V vulnerabilities, and security bugs in Microsoft Edge or Windows 10 preview builds will fetch up to $15,000. “Security is always changing and we prioritize different types of vulnerabilities at different points in time,” explains a Microsoft spokesperson in a blog post. “Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities.”
The new Windows Bounty Program launched last week, and will continue indefinitely at Microsoft’s discretion. Any critical or important flaws that affect Windows and a variety of individual features will receive a bounty. Facebook, Google, Apple, Uber, and a variety of other tech companies all offer bug bounties, and they’re designed to tempt researchers into disclosing vulnerabilities early to prevent widespread cyber-attacks.
There’s lots of money to be made here! Last year, a 10-year-old — who is not even old enough to sign up on Facebook — impressed Mark Zuckerberg by hacking Instagram, the photo-sharing application owned by Facebook. The Helsinki-based boy genius, called Jani, received $10,000 from Facebook for identifying a security bug.
Since the Facebook Bug Bounty Program launched in 2011, Facebook has awarded over $4.3 million to more than 800 researchers. The program determines the payout based on a bug’s risk, rather than how complex it may be. In 2015 alone, 210 researchers received $936,000 with an average payout of $1,780.
Click these Google, Apple and Uber links to see how much these companies have paid out to “White Hat Hackers”.