+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Microsoft Is Paying Hackers Up To $150K To Tear Security Holes In Windows And Internet Explorer

Jun 20, 2013, 02:12 IST

TwitterKatie Moussouris, senior security strategist at MicrosoftLater this month, Microsoft will start doing something it has never done before.

Advertisement

Starting June 26, Microsoft will pay a cash bounty to hackers who find undiscovered security holes in Windows 8 and Internet Explorer 11 and submit them.

In this case, "hackers" doesn't mean people who find flaws in Windows and use them to make money, but researchers who hack software to let vendors know what they need to fix.

Here's a breakdown of Microsoft's Windows bug bounty program:

  • Microsoft will pay up to $100,000 for "truly novel exploitation techniques" that can be used to break the security tech in the Windows 8.1 preview, Katie Moussouris, senior security strategist at Microsoft, said in a Wednesday blog post.
  • To be eligible for the $100,000, a contestant must write code that can be used to take control of a Windows PC over the Internet, which is the most severe type of flaw.
  • Contestants can get up to $50,000 more if they can also develop a way to defend against the code they've written.
  • Microsoft will also pay up to $11,000 for flaws that affect its Internet Explorer 11 Preview, which runs from June 26 to July 26.

This is an important move for Microsoft. While other vendors have paid bounties for security flaws for years, Microsoft has resisted doing so, in part because it has a huge in-house security research team.

Advertisement

Now Microsoft has decided that crowdsourcing discovery of security flaws, and paying a bounty to researchers who find them is a way to keep Windows 8 from becoming a hackers' playground.

Judging from researchers' reactions on Moussouris' Twitter on Wednesday, Microsoft's bounty program is already a hit.

Advertisement
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article