Skip to main content

Microsoft doubles bug bounty reward, white hats can now earn $100,000

microsoft doubles bug bounty reward white hats can now earn 100000  chromawise
A couple of days on from the official release of Windows 10, Microsoft has raised the rewards for some of its bug bounty programs, which it hopes will help keep its systems more secure.

Most notably Microsoft has doubled the maximum fees for the Bounty for Defense from $50,000 to $100,000. It has also extended its Online Services Bug Bounty to include authentication vulnerabilities, where discoveries are now eligible for a double payment.

Microsoft said the changes came in response to feedback from the security research community. The company made the announcement at last week’s Black Hat cybersecurity conference in Las Vegas, which it called “part of the rigorous security programs at Microsoft.”

Many tech and software companies run bug bounty programs to entice ethical hackers to disclose any bugs or vulnerabilities in their software to the company in exchange for a cash reward, rather than go public with the information.

Oftentimes hackers have to meet strict criteria in order to claim their prize, like agreeing to not disclose any information about the bug before telling the company or rigorously proving the dangers of their findings if they want to get paid.

Microsoft has been steadily expanding its bug bounties over the years. In April of this year, it introduced programs covering Microsoft Azure and a bounty for the preview of Microsoft Edge ahead of its release.

Bug bounty rewards can vary wildly from company to company. Yahoo for example has smaller rewards going for around $100, while their maximum rewards can hit $20,000. United Airlines offers flight miles to researchers. Mozilla meanwhile pays up to $10,000 for “novel” vulnerabilities and exploits depending on how rare or dangerous the bug is.

Editors' Recommendations

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Yelp is offering ‘nice’ hackers up to $15,000 to squash its bugs
social media privacy apps settlement yelp phone 0001

White-hat hackers take note – another money-making opportunity has just landed.

Review site Yelp has, perhaps not before time, announced a public bug bounty program with a top payout of $15,000.

Read more
Apple plays catch-up with a bug bounty program coming in September
apple store logo

Google, Facebook, and Microsoft all have had bug bounty programs for quite some time. Hackers and security enthusiasts work to find bugs and exploits, and in return they receive large cash prizes. While Apple has been willing to accept vulnerability disclosures, it has never explicitly offered cash awards for them. Not anymore.

Announced at the Black Hat conference, Apple will unveil a program in September that will offer a cash reward for people who discover exploits and vulnerabilities in its suite of products, according to TechCrunch. The program will focus on Apple's most recent products, meaning iOS 10 and the new devices rumored to launch in the fall.

Read more
Google will pay you $100K if you can pull off the ultimate Chrome hack
school computers chromebooks more than apples budgetlaptops acerchromebook15

Google has doubled the top reward in its bug bounty program for Chrome from $50,000 to $100,000 in the hopes of encouraging more white hat hackers to collaborate on patching bugs and vulnerabilities.

The Chrome Reward Program, which was launched six years ago, invites hackers to try and compromise the security of Chrome devices and Chrome OS.

Read more