How do you keep enterprising hackers from unloading exploits into the wild? Microsoft has been paying bounties to researchers who find and disclose security issues for a while. Now, it's expanded the program. At Black Hat, the company announced that it will double the size of payments it makes in its Bounty for Defense program, and it'll also be expanding the Online Services Bug Bounty to new areas of eligibility.
Let's say an exploit has been discovered in the wild, and Microsoft has mitigated (or patched) that exploit. If you can get around that mitigation, you have a submission for the company's Mitigation Bypass program, which could net you up to $100,000. Ideas for defending against further hacking efforts are eligible for the Bounty for Defense program, which has its own $100,000 maximum payout. Submissions that offer both a mitigation bypass and a defensive idea would receive both bounties. These bounties are only good for attacks on the latest version of Windows, so those of you interested in submitting your brilliant ideas need to cover Windows 10.
The Online Service Bug Bounties program has been expanded to include Azure Active Directory and the Microsoft Account service, in addition to Office 365 and the other Azure services that were previously eligible. The bounty for online service bugs has also been raised temporarily, from its normal $500-$15,000 to a maximum payout of $30,000 until October 5. You better get—ehrm—cracking.
|Aerocool's Project 7 P7-C1 Pro case reviewed||6|
|Google Project Tango is dead—long live ARCore||3|
|Thermaltake Sync box bridges RGB LED walled gardens||3|
|Intel tips off potential 960 GB and 1.5 TB Optane SSD 900Ps||6|
|Sapphire Nitro+ Radeon RX Vegas put a big chill on spicy-hot chips||15|
|Antec P110 Silent touts quiet looks and quiet operation||10|
|Updated LG Gram laptops put heavy-duty power into feathery bodies||14|
|Monkey Day Shortbread||10|
|Thursday deals: a nice Z370 mobo, a huge VA display, and more||6|
|My first born son will be named fenghuang. I will raise him in the way of zen. Thus it is written, thus it shall be done.||+24|