San Francisco, July 27: To ensure Windows 10 is secure and bug-free, Microsoft has announced a fresh round of Windows Bounty Programme that will reward the bug finders up to $250,000 if they are able to discover exploits in Microsoft's virtualisation software. Bounty payouts will range from $500 to $250,000. Microsoft has been running the bounty programme since 2012 but the company is expanding it to cover more ground in Windows 10. According to a blog post on the company's website late on Wednesday, any critical or important class remote code execution, elevation of privilege or design flaws that compromises a customer's privacy and security will receive a bounty.
"Security is always changing and we prioritise different types of vulnerabilities at different points in time. Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities," the blog post read. The other focus areas include 'Mitigation Bypass' (things that break Microsoft's security sandboxing), 'Windows Defender Application Guard', 'Microsoft Edge' and 'Windows Insider Preview'. "If a researcher reports a qualifying vulnerability already found internally by Microsoft, a payment will be made to the first finder at a maximum of 10 per cent of the highest amount they could've received," the company announced. Other tech giants like Google, Facebook and Apple have also employed the same tactics to detect bugs and exploits.