Skip to main content

Microsoft offering up to $100,000 rewards for finding Windows 8.1 bugs

Microsoft offering up to $100,000 rewards for finding Windows 8.1 bugs

Share this story

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

Microsoft has put a reward out for identifying bugs in the Windows 8.1 Preview in an effort to rid the upcoming release of any particularly nasty flaws that may have gone unnoticed. It's the first time that Microsoft has offered to pay for bug reports — a security measure that competitors like Google and Facebook have been taking for some time now. Microsoft is offering up to $100,000 for what it's calling "truly novel exploitation techniques," as well as smaller rewards for "critical vulnerabilities" in Internet Explorer 11 Preview and for methods that could defend against major exploits identified by the first bounty.

In the past, Microsoft has held individual contests that awarded cash prizes for identifying exploits, but this is the first time that it's held an open and ongoing call for bugs. Aside from rewarding security researchers, the practice of paying for exploits can also help to keep critical vulnerabilities off of the black market, where they can sell for thousands of dollars. But while Microsoft is finally adopting bug bounties, it's still keeping the scope fairly limited. Competitors such as Google, on the other hand, offer rewards for less-than-critical bugs as well.