Microsoft launched bug bounty program inviting anyone to identify and report security vulnerabilities in new Edge explorer based on Google’s Chromium

Briefing

Microsoft launched bug bounty program inviting anyone to identify and report security vulnerabilities in new Edge explorer based on Google’s Chromium

August 28, 2019

Briefing

  • Bug Bounty Program – Microsoft announced bug bounty program for new Edge explorer based on Chromium, Google’s open source project for web browsers, on August 20, 2019, inviting anyone around world to submit report on vulnerabilities that can affect user security
  • Chromium Edge – Next version of Microsoft Edge browser (first announced on December 6, 2018) drops EdgeHTML for Chromium, enhancing web compatibility for users and reducing fragmentation for web developers
  • $1,000-$30,000 Reward – Rewards range from $1,000-$30,000 depending on severity and impact of vulnerability and quality of submission, with single highest award in single category to be given in case of one individual providing multiple bug submissions
  • Quality Requirements – Must be reproducible and understandable, as well as enable engineers to fix issue either through concise writeup or video with proof-of-concept
  • Eligibility – Individual must be at least 14 years old, with parental or guardian consent if still a minor, or permission from employer or public sector organization, and not be a Microsoft employee or contractor within six months prior to submission

Accelerator

Business Model and Practices

Business Model
and Practices

Sector

Information Technology

Function

Research and Development

Organization

Microsoft Corp.

Source

Original Publication Date

August 20, 2019

Leave a comment