Mitigation Bypass and Bounty for Defense Terms
Microsoft is pleased to announce the launch of the Microsoft Mitigation Bypass Bounty and Bounty for Defense Program beginning June 26, 2013. Through this program, individuals across the globe have the opportunity to submit a novel mitigation bypass against our latest Windows platform, and are also invited to submit a defense idea that would block an exploitation technique that currently bypasses the latest platform mitigations. Under this program, qualified mitigation bypass submissions are eligible for payment of up to $100,000 USD and qualified defensive techniques are eligible for a bounty of up to $100,000, for a total of up to $200,000 USD. All bounties will be paid out at Microsoft’s discretion.
If you are submitting a new mitigation bypass technique that you have found in an active attack, please note that we have a similar but separate program for you, and the terms appearing here are aimed at individuals submitting their own idea for a new mitigation bypass technique.
If you are submitting your own idea, please read the full terms below and then send your entry for consideration to email@example.com. If you are submitting a technique you found in use in an active attack, you must first pre-register with us by emailing us at firstname.lastname@example.org and email@example.com for further details.
WHAT CONSTITUTES AN ELIGIBLE SUBMISSION FOR MITIGATION BYPASS?
Eligible bypass submissions will include a white paper or a brief document explaining the exploitation method and target one of the following scenarios:
Eligible bypass submissions are permitted to make use of known methods of exploitation in their exploit and whitepaper, but a novel exploitation method must be an integral and required component of enabling reliable remote code execution. Submissions must clearly distinguish the novel aspects of the exploitation method being described.
Eligible product versions for Microsoft Hyper-V include Windows Server 2012 R2, the latest available Windows Server 2016 Technical Preview, Windows 10, and the latest available Windows 10 Insider Preview build. Hardware and firmware issues are not in scope at this time.
The vulnerability must both be submitted on and reproduce on the recent Windows 10 Insider Preview slow ring (WIP slow) in order to qualify for a bounty.
Eligible bypass submissions must be capable of exploiting a user mode application that makes use of all the latest mitigations supported by the Windows platform which includes:
Eligible bypass submissions must demonstrate and describe an exploitation method that meets the following criteria:
All qualified submissions are eligible to receive up to $100,000 USD. Submissions with a proof of concept, functioning exploit, detailed write up and/or a whitepaper will be eligible for higher rewards.
The payment levels for eligible Hyper-V submissions will be based upon the following:
WHAT CONSTITUTES AN ELIGIBLE BOUNTY FOR DEFENSE SUBMISSION?
Bounty for Defense submissions (“defense submissions”) provided to Microsoft must meet the following criteria to be eligible under this program:
Eligible defense submissions will include a technical whitepaper to describe the defense idea that could effectively block an exploitation technique that currently bypasses either the latest platform mitigations or a defensive submission that blocks exploits that is not in the latest platform.
BOUNTY PROGRAM FREQUENTLY ASKED QUESTIONS AND PROGRAM REQUIREMENTS
It is your responsibility to comply with the Microsoft Bounty Program – Comprehensive Terms listed in the FAQ. Please see the Microsoft Bounty Program FAQ to get detailed instructions on:
Thank you for participating in the Microsoft Bug Bounty Program!