Microsoft increases Hyper-V bounty payouts in new bug program

By on
Microsoft increases Hyper-V bounty payouts in new bug program

Microsoft is rolling out a bounty program to compensate security researchers that uncover vulnerabilities in software related to Windows 10, with payouts reaching up to A$311,000 (US$250,000).

The Windows Bounty Program is part of "maintaining a high security bar in Windows," Microsoft said in a blog post announcing the program.

The company has offered bounties for uncovering bugs in certain Windows features since 2012 and began paying up to US$100,000 in bug bounties starting in mid-2013, in connection with the launch of Windows 8.1 Preview.

The software giant said the Windows Bounty Program would cover all features of the Windows Insider Preview. Payouts for discovering Windows Insider Preview bugs will range from US$500 to US$15,000.

The program will also include bounties for discovering vulnerabilities in four related "focus areas," including Hyper-V, which will feature a payout range of US$5,000 to US$250,000. Microsoft said the payout range had been increased for discovering Hyper-V bugs, though the company didn't specify what the previous range was.

The Windows versions covered in the Hyper-V bug bounties are Windows 10, Windows Server 2012, Windows Server 2012 R2, and Windows Server Insider Preview.

The three other focus areas for the bounty program are mitigation bypass (US$500 to US$200,000 payout range), Windows Defender Application Guard (US$500 to US$30,000), and Microsoft Edge (US$500 to US$15,000).

"Any critical or important class remote code execution, elevation of privilege, or design flaws that compromises a customer's privacy and security will receive a bounty," Microsoft said in its blog post.

The bug bounty program "will continue indefinitely at Microsoft's discretion," the company added.

Microsoft made the announcement as the Black Hat security conference in Las Vegas.

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Log In

Username / Email:
  |  Forgot your password?