Microsoft vulnerability reward increased by 30% bounty

Microsoft has always had a set of vulnerability bounty program, for the discovery of serious impact on the system security of the user to provide a high reward, currently, Microsoft again increased the strength of the reward.

Recently, Microsoft announced two new bounty program, in the original maximum of $ 20,000 bounty on the basis of the increase of up to 30% additional bounty, so that the maximum bounty reached $ 26,000.

Microsoft said they hope that these new bounty rewards will encourage researchers to focus on vulnerabilities that have the greatest potential impact on customer privacy and security.

However, for vulnerabilities that are not considered high impact, Microsoft said they will still be able to receive bounties under the general rewards program, and can also receive higher rewards based on the severity of the reported vulnerability and the quality of the submission.

Some users believe that Microsoft has increased the bounty for vulnerabilities, which proves that Microsoft is now overwhelmed by the existence of high-risk vulnerabilities in the Windows system and needs to rely on users to complete the inspection of bugs.

It is worth mentioning that Microsoft is not "flawless" in terms of bounty, there was a security researcher, because Microsoft withholding their share of the bounty for vulnerabilities, open a wide range of system privileges vulnerability.