Microsoft has announced a 'bounty'
program in a bid to encourage
developers and security experts to
find exploits in its upcoming products
like Windows 8.1
Under the program, which will launch
on June 26, Microsoft is offering to pay
up to $100,000 USD for "truly novel
exploitation techniques" against
protections built into the latest version
of its operating system Windows 8.1
Preview.
Windows 8.1 is a major update to
Microsoft's brand new operating
system Windows 8, and given the
serious bounty on offer, Microsoft
clearly wants to leave nothing to
chance as far as securing the
operating system is concerned. The $
100,000 amount is a big enough
incentive for individuals to spend
serious time and effort trying to find
exploits in the OS, but for Microsoft it
is pocket change to secure one of its
most important release.
Microsoft is also offering an additional
$50,000 BlueHat Bonus for those who
submit a valid defence to block a
bypass technique that qualifies for a
bounty, bringing total potential reward
to $150,000 for a single exploit.
Microsoft has posted details of the
program that indicate individuals must
be at least 14 years old to participate.
It has also posted details on what
qualifies as an exploit, and how
developers or security experts can
submit their entries. Though there are
no restrictions on the number of
qualified submissions an individual
submitter can submit and be paid for,
all bounties will be paid out at
Microsoft's discretion, which may
indeed be considerably less than $
100,000.
In the event more than one party
submit the same exploit, Microsoft
will consider not only time and date of
submission, but also quality and
complexity to be the deciding factor
for eligibility of payment of the bounty.
Microsoft has also announced a
separate bounty program for Internet
Explorer, where it is offering to pay up
to $11,000 USD for critical
vulnerabilities that affect IE 11
Preview on Windows 8.1 Preview.
Details of all programs are available
as a FAQ on the Microsoft website.
No comments:
Post a Comment