Microsoft previously launched a bug bounty program, when global security researchers found zero-day vulnerabilities and other security flaws in Windows and Microsoft software, Microsoft will pay for these discoveries. A new blog post recently published by Microsoft digs deeper into the program, showing that Microsoft awarded $13.7 million in bug bounties over the past 12 months.
According to Microsoft, the $13.7 million prize was shared by more than 330 security researchers in 46 countries. The maximum reward associated with Hyper-V is $200,000 (approximately 1.348 million RMB). In addition, Microsoft says that the average reward for all bug bounty programs is about $12,000. For reference, Microsoft paid a similar amount in 2020.
But now there are two updated bounty programs, more researchers and qualifying reports between two years. As an upgrade to the Bug Bounty Program, Microsoft has introduced a new research challenge and high-impact attack scenario to reward research focused on the most critical areas of its products.