Microsoft Says No To Paying Bug Bounties 148
Trailrunner7 writes "In the wake of both Mozilla and Google significantly increasing their bug bounties to the $3,000
range, there have been persistent rumors in the security community that Microsoft soon would follow suit and start paying bounties as well. However, a company official said on Thursday that Microsoft was not interested in paying bounties. 'We value the researcher ecosystem, and show that in a variety of ways, but we don't think paying a per-vuln bounty is the best way. Especially when across the researcher community the motivations aren't always financial. It is well-known that we acknowledge researcher's contributions in our bulletins when a researcher has coordinated the release of vulnerability details with the release of a security update,' Microsoft's Jerry Bryant said."