News

Microsoft Extends $15,000 per-Bug Bounty Program

Microsoft is extending their MS Office Bounty Program until the end of 2017. The program originally was only to last until June 15. However, the software giant is happy with their engagement with the security community that an extension makes sense. The program’s introduction in March includes a $500 minimum with up to $15,000 per-bug bounty. Which is for for any valid vulnerabilities and zero-day flaws in the Microsoft Office Insider slow build. Of course, this is on a full patch Windows 10 desktop operating system. Plus, there is a stipulation that Microsoft must be able to replicate it.

To sweeten the deal further, they are increasing the minimum bounty to $6,000, while the cap is still at $15,000. It is easy to assume that the the easier bugs have already been found, leaving only some harder to find ones. Increasing the bounty should help motivate the security community further. In the bounty terms available on the TechNet blog, Microsoft is specifically looking for zero-day problems including privilege escalation through Office Protected View, macro execution which bypasses security barriers designed to block macros, and remote code execution bugs, among others.

How does Microsoft Set the Payment Amounts?

If multiple submissions of the same bug report from several parties come in, the bounty only goes to the first eligible submission. However, if the duplicate report provides additional information that helps the vulnerability investigation, they may still provide a reward.

For more information on the terms of the bounty, visit the MS Office Insider bounty program page at: https://technet.microsoft.com/en-us/mt797549.aspx

Ron Perillo

Disqus Comments Loading...

Recent Posts

Nvidia’s GeForce RTX 5090 Possible Price Revealed

According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…

11 hours ago

AMD Krackan Processor with 6 Zen 5 and Zen 5c Cores for Budget AI Laptops Leaked

A new AMD processor in the form of an engineering model has been leaked in…

11 hours ago

SK Hynix Begins Production of First 321-Layer NAND Chips

SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…

11 hours ago

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

15 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

15 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

15 hours ago