Slashdot Mirror


Microsoft Launches $100k Bug Bounty Program

Trailrunner7 writes "After years of saying that the company didn't need a bug bounty program, Microsoft is starting one. The company today will announce the start of a new program that will pay security researchers up to $100,000 for serious vulnerabilities and as much as $50,000 for new defensive techniques that help protect against those flaws. Microsoft security officials say that the program has been a long time in development, and the factor that made this the right time to launch is the recent rise of vulnerability brokers. Up until quite recently, most of the researchers who found bugs in Microsoft products reported them directly to the company. That's no longer the case. The system that Microsoft is kicking off on June 26 will pay researchers $100,000 for a new exploit technique that is capable of bypassing the latest existing mitigations in the newest version of Windows."

3 of 68 comments

  1. Finally by MaxDollarCash · Score: 5, Insightful

    Better late than never. Microsoft exploits have been traded and sold to security companies owned by intelligence agencies for years now. At least now the researchers discovering the bugs have an incentive to sell to Microsoft and get the bug fixed instead of selling it to the highest bidder who will probably use it to create either "private"-malware or government-malware. Thank you m$

  2. Re:Bugs in Windows? Unthinkable! by Anonymous Coward · Score: 3, Insightful

    Now's the time to put up or shut up!

  3. Re:Bugs in Windows? Unthinkable! by linear+a · Score: 3, Insightful

    Slashdotters shut up about Windows? Also unthinkable.