Microsoft wants you to hunt down security flaws in Windows 8.1 - offers up to $100,000 per bug

Microsoft’s security division has been fighting back hackers and botnets for years and now they want you to help out. The company is offering a variety of bounties for finding bugs and security flaws in a variety of software.

Windows 8.1 is the first on a list of bounty programs to launch on June 26th. Microsoft will pay up $100,000 USD to hackers who can showcase “truly novel exploitation techniques”. The company is serious about making sure Windows’ latest revision is released to the public without a hitch.

In addition, if a user can create a defensive technique for the Windows 8.1 security flaw they submitted – Microsoft will pay up to $50,000 USD. The boys in Redmond cite how important the new bounties are:

"Doing so highlights our continued support of defensive technologies and provides a way for the research community to help protect more than a billion computer systems worldwide."

Lastly, Microsoft is offering up to $11,000 USD for anyone who can find critical vulnerabilities within Internet Explorer 11. The latest version of Microsoft’s web browser will be released within the Windows 8.1 Preview. The timeframe for finding IE11 exploits is June 26th – July 26th.

Windows 8.1 Preview: Coming Soon

For more details about the bounty program, click here.

Who is ready to go security bug hunting?

Source: Microsoft Security Response Center


Reader comments

Microsoft wants you to hunt down security flaws in Windows 8.1 - offers up to $100,000 per bug


I can see that as a good and a bad idea idea because if no one finds bugs then you're good, but its bad publicity if there's a lot of weaknesses discovered.

That's the whole point: To find and squash all the bugs before Windows 8.1 goes live.
It's far better to have a bunch of bugs and them patch them all ahead of time, rather than waiting till public launch where big security flaws are discovered that causes mass hysteria and awful press. Plus, offering up money could potentially deter those who would've originally attempted to exploit the bug, as they can legally make a nice pay check.
Lots of companies offer this up, and it's best for all parties involved (Except those with malicious intent, of course).

.. - / .-- .- ... -. .----. - / -... .-.. .- -. -.- --..-- / -.-- --- ..- / .--- ..- ... - / -.-. --- ..- .-.. -.. -. .----. - / .-. . .- -.. / .. - .-.-.-

Damn.... 100.000 here and 100.000 there is going to be a lot of money... :-)
First the promise money for making apps, and now they promise money for finding bugs...
If I only could do both... :-)

So suppose after getting the preview & during normal browsing of the net if i find a glitch or some fault of some kind or does this require technical knowhow to go on a bug finding mission? Will i qualify then?

One should keep in mind that Microsoft is competing for this information.  There are other interested parties who regularly provide substantial compensation.

This isn't anything unusual. Mozilla has been doing this for quite some time when Firefox security vulnerabilities are reported.

It ain't that serious to geek up over this its all about do you know how to find bugs in software blah blah blah. I'm not money crazy like some people but I ain't interested in finding the issues. Next

It also has nothing to do with "hacking" skills. They have put out a bounty for "bugs". You don't need to be a hcker to find bugs.

IE10 is full of glitches, at least on windows 7
and please guys, no fanboy "IE IZ DA BEST" replies, I'm experiencing a lot of glitches right now (blinking cursor, high memory usage, hangs, the tab arrow turns orange even if I hadn't opened any tabs that aren't in front of me...)

i really have some and i can hack the store ...like i can buy games or apps without pay....but who will warranty that microsoft will give the money :)