Big money for exterminators
Now that Windows 10 is here and off to a fast start, Microsoft wants to ensure that it stays on top of security vulnerabilities. Using the "it takes a village" approach, there's a bug bounty program in place, and Microsoft just doubled the maximum reward from $50,000 to $100,000 for what it calls Bounty for Defense.
The max reward applies to defensive ideas that accompany a qualifying Mitigation Bypass submission, which itself are novel exploitation techniques against protections built into Windows 10.
The new max payment brings the Bounty for Defense reward on par with offense, which already tops out at $100,000 for novel exploits found in Windows 10.
"Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would," Microsoft said.
In addition, Microsoft is doubling the reward for authentication vulnerabilities submitted through its Online Services Bug Bounty program during the bonus period that runs from August 5, 2015 to October 15, 2015. These boil down to Microsoft Account (MSA) and Azure Active Directory bugs, which will now pay up to $30,000 instead of $15,000.
The last change is that Microsoft has added RemoteApp as a new property to its Online Service Bug Bounty program.
Follow Paul on Google+, Twitter, and Facebook
From maximumpc
from http://bit.ly/1geZLxg
