Microsoft awarded $13.6 million to security researchers by ability of bug bounty applications in all places in the final three hundred and sixty five days

by

Briefly: Microsoft in all places in the final 12 months has paid out $13.6 million in bug bounty awards to 341 security researchers in virtually 60 international locations around the area. That’s down ever so a piece of from ultimate three hundred and sixty five days’s numbers, despite Microsoft adding two original applications to the combo.

In its three hundred and sixty five days in review, Microsoft acknowledged the long-established quantity per award all over all applications became as soon as more than $10,000. The ultimate single award became as soon as $200,000, under the Hyper-V Bounty Program, which spans three sorts of vulnerabilities: far off code execution, info disclosure and denial of service. That program’s description notes that the final word conceivable award is $250,000, so it seems to be nobody hit the jackpot in all places in the final three hundred and sixty five days.

In entire, Microsoft obtained 1,261 eligible vulnerability reports throughout the 12-month duration all over its 17 various bounty applications.

Interestingly ample, this three hundred and sixty five days’s stats are powerful like ultimate three hundred and sixty five days’s. Within the old three hundred and sixty five days-long duration, Microsoft awarded a entire of $13.7 million to 327 researchers spanning 1,226 eligible reports. Appropriate esteem this past three hundred and sixty five days, the final word single award became as soon as $200,000.

Since ultimate three hundred and sixty five days’s file, Microsoft has added two original bug bounty and analysis applications. The Microsoft Functions Bounty Program (Groups Desktop) launched in March 2021 adopted by the SIKE Cryptographic Divulge which arrived good ultimate month. The Windows Insider Preview Bounty Program, in the intervening time, became as soon as up to this level in July 2020 and the Analysis Recognition Program became as soon as up to this level this past February.