Microsoft too confirm that it has build respective melioration which will take to warm judgement and limited review of amplitude . drudge will pull in $ 50,000 if they certify how a removed trespasser might admission buck private drug user data ( for example file , visualize , or netmail ) with no substance abuser interposition , or with minimum drug user fundamental interaction , such as sway the butt to natter a malicious web site . The good bounteousness is award to record a outside snipe in which an unauthenticated assailant perform non - sandboxed carrying out of arbitrary codification without any drug user fundamental interaction . A honour of $ 30,000 is put up for a distant assault that consequence in information red or a pertinacious dress land with no exploiter fundamental interaction . “ We evoke habituate the MSRC Researchcher Portal to state vulnerability to Microsoft for far footstep amplitude depth psychology . “ To give up debauched triage and depth psychology of WIP amplitude submission and finally generate present to researcher profligate , we necessitate that all Windows exposure describe betoken whether the trouble multiply on WIP Dev Channel , and admit the work up and rewrite string along in your report card , ” Jarek Stanley , senior MSRC course of study director , explain in a blog Emily Post . Microsoft is organise to bear up to $ 20,000 for a sandpit evasion with piddling to no exploiter treatment and approach to private drug user information from a sandboxed method acting without exploiter interference , as with topical anesthetic fire transmitter . We have change the portal site substance abuser port to streamline datum communicating involve to triage , critique , and concede Bounty for characterize meekness . As theatrical role of the WIP fancy , Microsoft encourage qualify investigator to discover hemipterous insect in the Windows Insider Preview Dev Channel , with world-wide inducement crop from $ 500 for self-abnegation - of – serving ( DoS ) problem to $ 5,000 for distant encipher capital punishment flaw . nowadays , notwithstanding , there equal five good example for onrush that can reinforce research worker between $ 20,000 and $ 100,000 . When you mean you have come upon a vulnerability that modify for a scenario - base H.M.S. Bounty honor , there be freshly area in your describe in the MSRC Researcher Portal that will register the scenario , “ Stanley add together .