A new bounty program from Microsoft designed to help the company become aware of security vulnerabilities earlier is backed by some pretty deep pockets. Redmond will pay up to $100,000 as part of what they are calling a Mitigation Bypass Bounty dealing with Windows 8.1 Preview.
The bounty notes they are looking for truly novel exploitation techniques against protections built into the upcoming software update. Microsoft said learning about new exploitation techniques earlier helps them improve security by leaps instead of simply handling them one at a time as they crop up after the fact.
A separate program called BlueHat Bonus for Defense will award up to $50,000 for defensive ideas that accompany a qualifying Mitigation Bypass submission. Naturally this program will work in conjunction with the above mentioned bounty and could be a way for individuals to earn even more money from their work.
Finally, Microsoft is offering up to $11,000 for critical vulnerabilities that affect Internet Explorer 11 Preview in Windows 8.1 Preview.
All three bounties will launch on June 26, 2013, we’re told. The timeframe for the Mitigation Bypass Bounty and the BlueHat Bonus for Defense bounty is listed as ongoing while the Internet Explorer 11 bounty will only be active during the first 30 days of the beta period (from June 26 through July 26).
Those interested in learning more about each program and finding tips on how to submit a good report can be found on Microsoft’s bounty program details page.