Help Microsoft find bugs in Windows 8.1 Preview and earn up to $100,000

By on June 20, 2013, 7:30 AM
microsoft, windows, reward, windows 8.1, bounty program

A new bounty program from Microsoft designed to help the company become aware of security vulnerabilities earlier is backed by some pretty deep pockets. Redmond will pay up to $100,000 as part of what they are calling a Mitigation Bypass Bounty dealing with Windows 8.1 Preview.

The bounty notes they are looking for truly novel exploitation techniques against protections built into the upcoming software update. Microsoft said learning about new exploitation techniques earlier helps them improve security by leaps instead of simply handling them one at a time as they crop up after the fact.

A separate program called BlueHat Bonus for Defense will award up to $50,000 for defensive ideas that accompany a qualifying Mitigation Bypass submission. Naturally this program will work in conjunction with the above mentioned bounty and could be a way for individuals to earn even more money from their work.

Finally, Microsoft is offering up to $11,000 for critical vulnerabilities that affect Internet Explorer 11 Preview in Windows 8.1 Preview.

All three bounties will launch on June 26, 2013, we’re told. The timeframe for the Mitigation Bypass Bounty and the BlueHat Bonus for Defense bounty is listed as ongoing while the Internet Explorer 11 bounty will only be active during the first 30 days of the beta period (from June 26 through July 26).

Those interested in learning more about each program and finding tips on how to submit a good report can be found on Microsoft’s bounty program details page.

User Comments: 9

Got something to say? Post a comment
VitalyT VitalyT said:

Patching every security hole in Internet Explorer isn't going to save it, so says the cold statistics.

This is the end game, with Chrome Blink being the only finisher.

1 person liked this | Nobina Nobina said:

I've found a bug. There's no start menu.

cliffordcooley cliffordcooley, TechSpot Paladin, said:

MS Development team is the biggest bug of all. Find those who think Windows has to change every few years, and you will know where the bugs are.

Guest said:

I hope the result is not saying that Windows 8.1 itself is a bug xD

JC713 JC713 said:

I can find tons of bugs! I am just not the type of person who can find security bugs though.

Skidmarksdeluxe Skidmarksdeluxe said:

I've already found one huge bug, It's still part of the Windows 8 family. Do I get the $100000?

RH00D RH00D said:

Patching every security hole in Internet Explorer isn't going to save it, so says the cold statistics.

This is the end game, with Chrome Blink being the only finisher.

Try again when Chrome has native support for Group Policy and other Windows Services, until then Internet Explorer will still rule in corporate enterprises which makes up a lot of marketshare.

Nice stats though, too bad those include mobile platforms as well. When it comes to desktop computer browser marketshare, IE still has 55.99%.

Sarah Palin Sarah Palin said:

I studied the Unix Kernel in college and know that finding a flaw with an application has nothing to do with getting root access. Though with Windows, it does. With Unix, Linux and OS X, if you log in as a non root user, there is noway that you can become root. To become root there would have to be a hole in the kernel and there is not on any of those systems mentioned. It is so strange that Microsoft would have applications requiring SYSTEM access to do reads, writes and other OS functions. Windows must have been designed quickly. They should call it the Quick and Dirty OS or QDOS for short!

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.