This is the Trace Id: 40477c184316097440acf26dcbf8b181
Skip to main content

Microsoft Hyper-V Bounty Program


The Microsoft Hyper-V bounty program invites researchers across the globe to find and submit vulnerabilities that reproduce in eligible product versions of Microsoft Hyper-V. Qualified submissions are eligible for awards from $5,000 to $250,000 USD. 

This bounty program is subject to these terms and those outlined in the Microsoft Bounty Terms and Conditions.


The goal of the Microsoft Bug Bounty program is to uncover significant vulnerabilities that have a direct and demonstrable impact on the security of our users.

Vulnerability submissions provided to Microsoft must meet the following criteria to be eligible for bounty award:

  • Identify a vulnerability that was not previously reported to Microsoft.
  • Include clear, concise, and reproducible steps, either in writing or in video format, providing our engineering team the information necessary to quickly reproduce, understand, and fix the issues
    • Find examples here
  • Include the impact of the vulnerability
  • Include an attack vector if not obvious


  • Hyper-V on the latest build of Windows on the Windows Insider Preview slow ring
  • Hyper-V on the latest available version of Windows Server
  • Hyper-V isolation containers

The Hyper-V Bounty is specifically aimed at finding vulnerabilities in Hyper-V that affect server hosting scenarios (such as Azure). Various Hyper-V client scenarios (such as WDAG) are covered under different bounties. 

The Hyper-V bounty is focused on: 

  • Components and features of Hyper-V that are used in server hosting scenarios (both traditional virtual machines and Hyper-V Isolation Containers). 
  • The assumption that the Virtual Machine is on a separate VLAN than the host so there is no possibility to attack network services that are running on the host. 
  • The assumption that the host will not be interacting with the Virtual Machine in a manner that is atypical when hosting servers. For example, the host will not use enhanced session mode to interact with the virtual machine. 
  • If you have any questions regarding Hyper-V scope please reach out to


Bounty awards range from $5,000 up to $250,000. Higher awards are possible, at Microsoft’s sole discretion, based on the impact and severity of the vulnerability, and the quality of the submission. Researchers who provide submissions that do not qualify for bounty awards may still be eligible for public acknowledgment if their submission leads to a vulnerability fix, and points in ourResearcher Recognition Program

A high-quality report provides the information necessary for an engineer to quickly reproduce, understand, and fix the issue. This typically includes a concise write-up containing any required background information, a description of the bug, and a proof of concept. We recognize that some issues are extremely difficult to reproduce and understand, and this will be considered when adjudicating the quality of a submission.



Remote Code Execution

An eligible submission includes a RCE vulnerability in Microsoft Hyper-V that enables a guest virtual machine to compromise the hypervisor, escape from a guest virtual machine to the host, or escape from one guest virtual machine to another guest virtual machine.


Vulnerability Type Functioning Exploit Report Quality Payout range (USD)*










Denial of Service and Information Disclosure

The vulnerability should result in one of the following:
  • Crash the host machine, resulting in a denial of service condition
  • Cause a failure to start and stop VMs
  • Gain sensitive information from the host machine or another guest
Vulnerability Type Report Quality Payout range (USD)





Info Disclosure






Microsoft is happy to receive and review each vulnerability report on a case-by-case basis, but some vulnerability types may not qualify for bounty reward. Here are some of the common low-severity or out of scope issues that typically do not earn bounty rewards: 

  • Publicly-disclosed vulnerabilities which are already known to Microsoft and the wider security community.
  • Hardware and firmware issues.
  • Vulnerabilities that can only be triggered by an attacker running code on the host.
  • Vulnerabilities that require the Hyper-V VM to send network traffic to host listeners. For example, this includes, without limitation attacks against the hosts TCP, SMB or RPC stack. Attacks against the virtualized network stack (for example, this includes, without limitation VMSwitch) are in scope.
  • Vulnerabilities based on third-party code. For example, this includes, without limitation Docker and Kubernetes.
  • Vulnerabilities in deprecated features; for example, this includes, without limitation, RemoteFX. 
  • Vulnerabilities in Legacy Network Adapter (Generation 1) and Fibre Channel Adapter  
  • Vulnerabilities that can only be triggered when the guest is connected to via the RDP protocol. For example, this includes, without limitation RDP or Enhanced Session Mode.
  • Vulnerabilities in deprecated features. For example, this includes, without limitation, RemoteFX.
  • Vulnerabilities that cannot be triggered when Hyper-V is used to host traditional virtual machines (Generation 1 or 2) or Hyper-V isolation containers.
  • Vulnerabilities that require the following configuration changes to be made by a Hyper-V administrator:
    • Enabling an undocumented feature or undocumented configuration. For example, this includes, without limitation enabling an experimental feature or using an undocumented configuration that intentionally puts the system in an insecure state.
    • Enabling a feature/configuration that is only intended for out-of-scope scenarios. This includes, without limitation enabling a feature only intended for use with WDAG on a traditional VM.

Unsure if a feature is in scope for award? Contact us a with any questions.



For additional information please see our FAQ.
  • If we receive multiple bug reports for the same issue from different parties, the bounty will be granted to the first submission.
  • If a duplicate report provides us new information that was previously unknown to Microsoft, we may award a differential to the duplicate submission.
  • If a submission is potentially eligible for multiple bounty programs, you will receive the single highest payout award from a single bounty program.
  • Microsoft reserves the right to reject any submission at our sole discretion that we determine does not meet these criteria.



  • May 31, 2017: Program Launch
  • December 7, 2018: Revision History added.
  • January 22, 2019:  Added Hyper-V isolation containers to the bounty scope. 
  • March 15, 2019: Added examples to Tier 2 definition and specified third party code vulnerabilities as out of scope.
  • April 13, 2020: Removed Remotefx® from bounty scope. 
  • February 23, 2021: Changed RCE vulnerabilities that only occur when all virtual processors are stopped to Tier 3 unless a working exploit is demonstrated.
  • November 8, 2021: Clarified in-scope products and clarified out-of-scope issues.
  • January 25, 2022: Consolidated Scope and Bounty Awards, and added researcher guidance. 


Thank you for participating in the Microsoft Bug Bounty Program!