Microsoft has announced that its bringing changes to the Windows Insider Preview bug bounty program by increasing the highest potential reward money to a whopping $100,000. In addition to increasing the bounty for hunting bugs in Windows Insider Preview, the company has also revamped the bug bounty program portal to make it easy for researchers to submit bugs.
The Microsoft Windows Insider Preview Bug Bounty Program, launched in 2017, initially offered rewards in the price range of $500 and $15,000, but now the maximum reward has been increased to $100,000. The program offers an opportunity for bug bounty hunters to report bugs in Windows Insider Preview in various products, including Microsoft Edge, Windows Defender Application Guard, Hyper-V, and Mitigation Bypass.
Microsoft will offer the highest reward for “Unauthenticated non-sandboxed code execution with no user interaction.” The next reward in line offers $50,000 for demonstrating “unauthorized access to private user data with little or no user interaction.” The revamped program now also includes five new scenario-based rewards.
“While we are refocusing the WIP bounty program to defend and protect customers from these five high risk exploit scenarios, we continue to offer bounties for other valid vulnerability reports that do not qualify for scenario-based awards,” Microsoft says in the blog post announcing the revamped bug bounty program.
With bad actors trying to outsmart developers, the bug bounty program would help the Redmond-based company in keeping its consumers safe from attacks by offering rewards to security researchers for spotting and reporting bugs in the developer channel.
If you want to participate in the Microsoft Windows Insider Preview bug bounty program, you can report the bug on the MSRC Researcher Portal.