As we announced last week, Microsoft is now offering $100,000 bounties for new exploitation techniques that can bypass our latest platform-wide defenses and up to $50,000 bonus bounties for defense ideas. We’re also offering (from now until July 26) bounties of up to $11,000 for critical security issues in Internet Explorer 11 Preview. Please see our main site for an overview of the three new bounty programs and our official guidelines. And don’t miss the SRD blog for a technical deep dive on what would make a good entry.
A few things to keep in mind when submitting entries to the new bounty programs:
- Please email your submissions and questions to secure [at] microsoft [dot] com.
- Our new bounties are available for new attack techniques and defenses that work on Windows 8.1 Preview, and critical vulnerabilities in IE 11 Preview. Please download our new OS and browser preview versions here.
- If you’re coming to Black Hat Las Vegas on July 31 and August 1 2013, please join us for live judging of Mitigation Bypass Bounty entries at the Microsoft booth both days. Watch this blog for details.
Good hunting everyone – in the spirit of helping us make our products more secure!
Katie Moussouris
Senior Security Strategist, Microsoft Security Response Center
on Twitter, https://twitter.com/k8em0 (that’s a zero).