Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft’s extended Edge bug bounty program offers rewards up to $15K

By

Man holding money
Microsoft said Wednesday that it’s extending the Microsoft Edge bounty program indefinitely. The program rewards individuals who submit vulnerabilities discovered in a “preview” version of the Microsoft Edge browser served up to Windows Insiders (slow ring). Thanks to this bounty program — and the helpful “bug hunters” — the final builds of Microsoft Edge released to the general public are even more secure.

“Over the past 10 months, we have paid out over $200,000 USD in bounties,” the company said. “This collaboration with the research community has resulted in significant improvements in Edge security, and has allowed us to offer more proactive security for our customers.”

Recommended Videos

Microsoft first began dishing out bug bounties in 2013. The first paid up to $100,000 for “novel exploitation techniques” against the Windows operating system. Another paid up to an additional $50,000 for submitting “BlueHat” ideas for defending Windows against the techniques used in the first bounty. The third program paid up to $11,000 for the discovery of critical vulnerabilities in the Internet Explorer 11 Preview.

Last August, Microsoft established its Edge bounty program to help discover Remote Code Execution vulnerabilities in preview builds of Microsoft Edge that were served up to the Windows Insider program. Dishing out up to $15,000 in cash, the program was originally slated to end on June 30, 2017. But now that it’s an ongoing program, it will join the Bounty for Defense, the Mitigation Bypass Bounty, Online Services Bug Bounty, and two other ongoing bounties in Microsoft’s lineup. Microsoft’s bounty for Office vulnerabilities ended on June 15.

According to Microsoft, the Edge browser bounty was so productive that the deadline was lifted indefinitely at the company’s discretion.

“Microsoft is committed to delivering secure products to our customers, and this bounty program helped us achieve that goal,” Microsoft said. ”We received many high-quality reports in Edge during this 10-month program. which helped keep our customers secure.”

All bounties related to Microsoft Edge will range in from $500 to $15,000. If an individual submits a qualifying vulnerability already discovered internally by Microsoft (and not yet reported), then the company will hand over a maximum cash wad of $1,500 to the first qualifying submission. All vulnerabilities must be reproducible on the latest Windows 10 preview build provided on the Windows Insider Slow Ring. Vulnerabilities relating to older builds will be deemed ineligible.

Microsoft indicates that it’s capable of paying out more than $15,000 for the Edge bounty program. The larger sum will be at Microsoft’s “sole discretion” and based on “entry quality and complexity.” Otherwise, submissions with a “high” report quality will see up to $15,000 in payment, while low-quality submissions will see up to $1,500 in payment.

Editors’ Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Trying to buy a GPU in 2023 almost makes me miss the shortage
Two AMD Radeon RX 7000 graphics cards on a pink surface.

The days of the GPU shortage are long over, but somehow, buying a GPU is harder than ever -- and that sentiment has very little to do with stock levels. It's just that there are no obvious candidates when shopping anymore.

In a generation where no single GPU stands out as the single best graphics card, it's hard to jump on board with the latest from AMD and Nvidia. I don't want to see another GPU shortage, but the state of the graphics card market is far from where it should be.
This generation is all over the place

Read more
HP printers are heavily discounted in Best Buy’s flash sale
The HP - OfficeJet Pro 8034e Wireless All-In-One Inkjet Printer on a desk with a smartphone.

There’s good news in store if you’re looking to land a new printer at a discount this weekend. Best Buy is having a 48-hour flash sale on HP printers, with several that can compete with the best printers seeing some good prices. HP is almost always one of the best laptop brands, and it’s one of the same when it comes to printers. So if you’re looking for a new home or office printer, read onward on how to save on an HP printer at Best Buy.
HP DeskJet 2755e — $60, was $85

The HP DeskJet 2755e is a good entry-level printer. It’s got you covered if your printing needs are pretty basic, or if you don’t need to print in mass. This is a color InkJet printer, which makes it good for almost all uses. It can also make copies and scan in color, and it has mobile and wireless printing functionality. You can get set up quickly and easily with the HP Smart app that guides you through the setup process, and you can also use this app to print, scan and copy documents from your phone.

Read more
This tiny ThinkPad can’t quite keep up with the MacBook Air M2
Lenovo ThinkPad X1 Nano Gen 3 rear view showing lid and logo.

While the laptop industry continues to move toward 14-inch laptops and larger, the 13-inch laptop remains an important category. One of the best is the Apple MacBook Air M2, with an extremely thin and well-built chassis, great performance, and incredibly long battery life.

Lenovo has recently introduced the third generation of its ThinkPad X1 Nano, one of the lightest laptops we've tested and a good performer as well. It's stiff competition, but which of these two diminutive laptops stands apart?
Specs and configurations

Read more