Windows Users Can Report Vulnerabilities And Get Paid For It

Did you know that you can report Windows vulnerabilities and exploitation techniques to Microsoft and get paid for it? Microsoft’s Bounty Program helps the company harness the collective intelligence of Windows users to boost its security team performance and better protect customers.

Bounty programs are time-limited programs that apply only to certain OS versions and tools, helping Microsoft address vulnerabilities before the final version is complete and rolled out to the general public. The regular bounty rate is $15,000 but the most generous offer goes up to $100,000.

The Microsoft Bounty Programs have been around since June 2013, and the company has been offering bounties for certain classes of vulnerabilities reported by users. Yet, very few Windows users actually know such programs exists.

Calling all Microsoft friends, hackers, and researchers! Do you want to help us protect customers, making some of our most popular products better… and earn money doing so? Step right up!

There are five active Bounty Programs right now. The latest targets Microsoft .NET Core and ASP.NET Core bugs, and offers a total bounty of $15,000. The Redmond giant already announced that there would be some big changes coming to .Net Core version 2.0 in 2017, and security improvements are definitely on the list. You can now help Microsoft detect and patch NET Core and ASP.NET Core vulnerabilities and get paid for it.

All you need to do is report certain types of vulnerabilities and exploitation techniques used for the projects by sending an email at [email protected].

The full list of ongoing Bounty Programs includes:

Happy vulnerability hunting!

The full list of ongoing Bounty Programs includes:#

The full list of ongoing Bounty Programs includes: