Microsoft boosts bug bounties to $135k with Windows 10

Microsoft is using the aftermath of its Windows 10 operating system launch to clean up any areas where buggy imperfections might be still lurking.

The recharged Microsoft Bounty for Defense programme will now offer US$100,000 (A$135,000) as a direct payment to any individual that has helped reinforce the firm's defence systems and related technologies.

Specifically, Microsoft will pay up to US$100,000 for insight into what it calls "truly novel exploitation techniques" that can be used to act against protections built into the latest version of its operating system.

The firm says it is making a concerted effort to try and learn about new exploitation techniques earlier. This approach helps Microsoft improve security ‘"by leaps" instead of capturing one vulnerability at a time - as a traditional bug bounty alone might typically achieve.

“Our new bounty programmes add expanded depth and flexibility to our existing community outreach programmes. Having these bounty programmes provides a way to harness the collective intelligence and capabilities of security researchers to help further protect customers,” said Microsoft in a statement on its own TechNet site.

Back in November 2013, Microsoft initiated the Mitigation Bypass Bounty and the Bounty for Defense. It continued expanding its bounty programmes and in September 2014 announced the Online Services Bug Bounty programme.

Last week Microsoft security architect Jason Shirk wrote the revised bug bounty scheme "will be part of the rigorous security programmes at Microsoft".

"Bounties will be worked alongside the Security Development Lifecycle (SDL),vOperational Security Assurance (OSA) framework, regular penetration testing of our products and services, and Security and Compliance Accreditations by third party audits," he said.

Antoine Feriaux, enterprise solutions consultant for EMEA at Accellion say Windows 10 tackles several inherent security and operational issues that have blighted the platform for some time.

“Application vetting and biometric authentication – including facial recognition - are the main new security features at the centre of Windows 10, representing a major shift from Windows 8 which centred on the implementation of touch and the Metro user interface technology,” Feriaux told SCMagazineUK.com.