Microsoft launched the Bounty Program paying up to 10 million yen to bug-founders and others

ByNick Ares

Google, Paypal, Facebook, etc. operate "Bounty Program" which pays fee as a reward for those who found vulnerability hidden in programs and web services. Meanwhile, Microsoft, who has long stretched its attitude of not needing Bounty Program etc., finally decided to start three Bounty Programs.

Microsoft Security :: Security Vulnerability | Report a Vulnerability | MSRC
http://www.microsoft.com/security/msrc/report/bountyprograms.aspx

Microsoft Launches $ 100,000 Bug Bounty Program | Threatpost
https://threatpost.com/microsoft-launches-100000-bug-bounty-program/

Three new Microsoft Bounty Programs are as follows, the program will start on June 26, 2013.

◆ 01: Mitigation Bypass Bounty

ByKévin Galop

Microsoft is using the latest OS (Windows 8.1 Preview versionIt will pay up to 100 thousand dollars (about 9.55 million yen) to those who provided the latest technology that threatens security, which is built in).

◆ 02: BlueHat Bonus for Defense

ByGrace

To those who provided new security techniques to prevent external attacks, we will pay a maximum bonus of $ 50,000 (4.8 million yen).

◆ 03: Interenet Explorer 11 Preview Bug Bounty

ByJake Bouma

A maximum of $ 11,000 (about 106 million yen) will be paid to those who found serious vulnerability in the Internet Explorer 11 preview version installed in the latest OS (Windows 8.1 preview version). The entry period of Interenet Explorer 11 Preview Bug Bounty is within 30 days from the start of the beta version of IE 11.

Until now, even if we discover vulnerabilities of programs and services, they reported directly to Microsoft, but it seems that there is no need for it in the future. Microsoft's Security Strategy DepartmentKate MoussorisAccording to him, finding the vulnerability as soon as possible prevents any attack from the outside.