timothy from the like-mel-gibson-in-ransom dept.
Trailrunner7 writes "In the wake of both Mozilla and Google significantly increasing their bug bounties to the $3,000
range, there have been persistent rumors in the security community that Microsoft soon would follow suit and start paying bounties as well. However, a company official said on Thursday that Microsoft was not interested in paying bounties. 'We value the researcher ecosystem, and show that in a variety of ways, but we don't think paying a per-vuln bounty is the best way. Especially when across the researcher community the motivations aren't always financial. It is well-known that we acknowledge researcher's contributions in our bulletins when a researcher has coordinated the release of vulnerability details with the release of a security update,' Microsoft's Jerry Bryant said."
Loan-department manager: "There isn't any fine print. At these
interest rates, we don't need it."