How to get Microsoft to give you up to $100,000

Let me preface by saying: this isn’t easy but if you have an ardor for reverse-engineering, hacking, or finding vulnerabilities in software, then you could earn up to $100,000 for discovering security flaws in Windows 8.1 Public Preview.

No joke.

The Lowdown

On June 26th, 2013, the release date of Windows 8.1, Microsoft will launch a security bounty program in an effort to make the public preview version of Windows virtually impenetrable to attack.

I think it’s a smart move because Microsoft is leveraging the collective talents of geeks on a global scale.  The reward is substantive, earns bragging rights, and helps Microsoft close vulnerabilities before the final version becomes Generally Available the fourth quarter of this year.

In addition, soliciting help from the outside will keep the security team objective in its analysis.  Despite the Security Development Lifecycle (SDL) process built into its software design process, it still behooves Microsoft to have an army of disinterested testers working to improve the OS.

Microsoft will also pay up to $50,000 for testing with defensive technologies and up to $11,000 for finding critical vulnerabilities in Internet Explorer 11 on Windows 8.1 Public Preview.

How to enter and increase your chances of winning

The key to a winning submission is to delineate a unique procedure that would allow a hacker to exploit protected memory even with the advanced security features of Data Executive Prevention (DEP), Address Space Layout Randomization), and Structured Exception Handling Overwrite Protection (SEHOP) in place.

These three technologies coalesce to create a shield that makes it pretty difficult for attackers to reliably exploit the operating system.

Your job is to break this triad of security technologies.

These are advanced tasks and are exacerbated by a few factors:

  1. Your white paper needs to be detailed.  In other words, it needs to demonstrate the exploit against a real world remote code execution vulnerability and the outcome needs to be reliable.
  2. The exploit has to be applicable against the latest version of Microsoft; sorry – Windows XP doesn’t apply here.
  3. It also needs to include your recommendations for mitigating the exploit.

The best submissions that have the greatest chance of being reviewed have:

  1. A detailed description of the Root Cause
  2. A proof of concept that reliably reproduces the problem.

If you’re still interested, I encourage you to explore the details of the bounty program and read the official report on the Microsoft Security Response Center (MSRC).

The Bottom Line

The bounty program certainly isn’t for everyone but it offers a big incentive for those who have the skills to find software breaches and repair them.  The advantage is huge: you get to side with the Senior Security Strategists at Microsoft, aka, the Blue Hats, and flex your mental muscles to make an impact in the largest software company on the planet.

About

Connect with Vonnie on Twitter

Posted in News Tagged with: