Re-modelling their old paradigm, Microsoft has decided to push the walls of its ecosystem and do something it has never done before: the Windows maker has decided to crowdsource the discovery of security loopholes in Windows 8 and Internet Explorer 11, and is paying a bounty to researchers who find exploits. Simply put, Microsoft is making efforts to prevent Windows 8 from becoming a hackers’ playground, and inviting hackers aka researchers to discover the security flaws is seen as one of the best ways to do it.

Here’s the brief of Microsoft’s Windows bug bounty program, as described on company’s website:

1. Mitigation Bypass Bounty. Microsoft will pay up to $100,000 USD for truly novel exploitation techniques against protections built into the latest version of our operating system (Windows 8.1 Preview). Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would.

2. BlueHat Bonus for Defense. Additionally, Microsoft will pay up to $50,000 USD for defensive ideas that accompany a qualifying Mitigation Bypass submission. Doing so highlights our continued support of defensive technologies and provides a way for the research community to help protect more than a billion computer systems worldwide.

3. Internet Explorer 11 Preview Bug Bounty. Microsoft will pay up to $11,000 USD for critical vulnerabilities that affect Internet Explorer 11 Preview on the latest version of Windows (Windows 8.1 Preview). The entry period for this program will be the first 30 days of the Internet Explorer 11 beta period (June 26 to July 26, 2013). Learning about critical vulnerabilities in Internet Explorer as early as possible during the public preview will help Microsoft make the newest version of the browser more secure.

Giving his views on Microsoft’s Windows bug bounty program, HackAngle Editor Kyt Dotson says,

“All new software has new flaws, as we’ve seen from writing hacker news for SiliconAngle there’s always something to exploit. Part of development is testing (and a big part of DevOps is watching for the system to break) but also importantly is to give external people an enticement to attempt to break your system so that you can fix it.”

This is the first time that Microsoft is offering direct cash payouts in exchange for reporting vulnerabilities and exploitation techniques. While Mitigation Bypass Bounty and BlueHat Bonus for Defense are ongoing bounties, IE 11 Preview bug bounty is only open for 30 days.