From Microsoft’s new bug hunting program with rewards up to $15,000

Microsoft has announced a new bug hunting program that provides rewards up to $ 15,000 for anyone who can find a vulnerability in the Windows operating system, analyzing the Windows Insider Preview.

It’s since 2013 that the company has set up hacking programs, where security researchers are rewarded if they discover and report falsifications that can be exploited by criminal hackers. Over the years, Microsoft has launched a series of specific programs focused, for example, on the Hyper-V Hypervisor, on defense technologies such as DEP and ASLR, and the Edge browser.

Many of the programs are on time and are activated in the beta and software-development phase, to be terminated once the software is released publicly. This is a method designed to attract the attention of security researchers so that they can have a thorough analysis of the robustness of the software before it is distributed to the end user. However, last month the Edge program broke this ” tradition “, with Microsoft deciding to extend it indefinitely.

The program announced today does not go to replace specific ones, but it fits in with them. It will act as a kind of ” panacea ” for the entire operating system: a researcher who detects and reports flaws that can lead to remote code execution in Windows, accompanying discovery with a high-quality proof of concept receive up to $15,000 in reward.

Specific programs have more significant rewards. For example, discovering a Hyper V exploit that could allow an attacker to control a virtual machine to run code remotely via the hypervisor can allow you to receive a reward of up to $250,000 or a vulnerability that lets you overcome everything arsenal of protection and mitigation techniques can yield up to $100,000.