News

Microsoft Extends $15,000 per-Bug Bounty Program

Microsoft is extending their MS Office Bounty Program until the end of 2017. The program originally was only to last until June 15. However, the software giant is happy with their engagement with the security community that an extension makes sense. The program’s introduction in March includes a $500 minimum with up to $15,000 per-bug bounty. Which is for for any valid vulnerabilities and zero-day flaws in the Microsoft Office Insider slow build. Of course, this is on a full patch Windows 10 desktop operating system. Plus, there is a stipulation that Microsoft must be able to replicate it.

To sweeten the deal further, they are increasing the minimum bounty to $6,000, while the cap is still at $15,000. It is easy to assume that the the easier bugs have already been found, leaving only some harder to find ones. Increasing the bounty should help motivate the security community further. In the bounty terms available on the TechNet blog, Microsoft is specifically looking for zero-day problems including privilege escalation through Office Protected View, macro execution which bypasses security barriers designed to block macros, and remote code execution bugs, among others.

How does Microsoft Set the Payment Amounts?

If multiple submissions of the same bug report from several parties come in, the bounty only goes to the first eligible submission. However, if the duplicate report provides additional information that helps the vulnerability investigation, they may still provide a reward.

For more information on the terms of the bounty, visit the MS Office Insider bounty program page at: https://technet.microsoft.com/en-us/mt797549.aspx

Ron Perillo

Disqus Comments Loading...

Recent Posts

Still Wakes the Deep 

LIVE THE HORROR: An immersive disaster story aboard a stunningly realised North Sea oil rig,…

4 hours ago

PHILIPS 275V8LA – 27 Inch QHD Monitor

The Philips VA LED display uses an advanced multi-domain vertical alignment technology that gives you…

4 hours ago

EPOMAKER Ajazz AK820 Pro 75% Gasket-mounted Mechanical Keyboard 

【TFT Screen: The Interactive Interface】This 75% mechanical keyboard comes equipped with a TFT Screen, serving…

4 hours ago

Funko Fusion

FANDOM FUSION Play as your favorite characters and wield their unique weapons and skills. Team…

4 hours ago

Shin Megami Tensei V: Vengeance Standard Edition

The Definitive Version of Shin Megami Tensei V - Fully evolved with stunning visuals for…

4 hours ago

Hand Warmers Rechargeable 2 Pack

【Unique Split Design】5200mAh hand warmers rechargeable together with double-sided heating function, split snap swivel design,…

4 hours ago