Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft’s extended Edge bug bounty program offers rewards up to $15K

By

Man holding money
Image used with permission by copyright holder
Microsoft said Wednesday that it’s extending the Microsoft Edge bounty program indefinitely. The program rewards individuals who submit vulnerabilities discovered in a “preview” version of the Microsoft Edge browser served up to Windows Insiders (slow ring). Thanks to this bounty program — and the helpful “bug hunters” — the final builds of Microsoft Edge released to the general public are even more secure.

“Over the past 10 months, we have paid out over $200,000 USD in bounties,” the company said. “This collaboration with the research community has resulted in significant improvements in Edge security, and has allowed us to offer more proactive security for our customers.”

Recommended Videos

Microsoft first began dishing out bug bounties in 2013. The first paid up to $100,000 for “novel exploitation techniques” against the Windows operating system. Another paid up to an additional $50,000 for submitting “BlueHat” ideas for defending Windows against the techniques used in the first bounty. The third program paid up to $11,000 for the discovery of critical vulnerabilities in the Internet Explorer 11 Preview.

Last August, Microsoft established its Edge bounty program to help discover Remote Code Execution vulnerabilities in preview builds of Microsoft Edge that were served up to the Windows Insider program. Dishing out up to $15,000 in cash, the program was originally slated to end on June 30, 2017. But now that it’s an ongoing program, it will join the Bounty for Defense, the Mitigation Bypass Bounty, Online Services Bug Bounty, and two other ongoing bounties in Microsoft’s lineup. Microsoft’s bounty for Office vulnerabilities ended on June 15.

According to Microsoft, the Edge browser bounty was so productive that the deadline was lifted indefinitely at the company’s discretion.

“Microsoft is committed to delivering secure products to our customers, and this bounty program helped us achieve that goal,” Microsoft said. ”We received many high-quality reports in Edge during this 10-month program. which helped keep our customers secure.”

All bounties related to Microsoft Edge will range in from $500 to $15,000. If an individual submits a qualifying vulnerability already discovered internally by Microsoft (and not yet reported), then the company will hand over a maximum cash wad of $1,500 to the first qualifying submission. All vulnerabilities must be reproducible on the latest Windows 10 preview build provided on the Windows Insider Slow Ring. Vulnerabilities relating to older builds will be deemed ineligible.

Microsoft indicates that it’s capable of paying out more than $15,000 for the Edge bounty program. The larger sum will be at Microsoft’s “sole discretion” and based on “entry quality and complexity.” Otherwise, submissions with a “high” report quality will see up to $15,000 in payment, while low-quality submissions will see up to $1,500 in payment.

Editors’ Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Perplexity AI: how to use the ‘answer engine’ that’s taking on Google
Talking with Perplexity chatbot on Nothing Phone 2a.

Offering a unique take on web search, Perplexity has been a hit among its users (and a bane to its sources) since its debut last year. It's certainly become one of the most popular new AI tools to check out, perhaps second only to ChatGPT itself, which it's powered by.

Here's how the generative AI "answer engine" works and how to get started on using it.
What is Perplexity AI?
Perplexity AI Digital Trends

Read more
This HP Chromebook is just $199 at Best Buy in last minute Cyber Week sales
The HP Chromebook.

Despite Black Friday and Cyber Monday being behind us, there are still some great Chromebook deals going on right now. That means you can buy an HP 15.6-inch Chromebook at Best Buy for 50% off. The basic but good looking Chromebook normally costs $399, but right now, you can save $200 and snag it for $199. Perfect for typing up documents while on the move or browsing the web, it’s good for any student on a tight budget. Here’s why you might want it.

Why you should buy the HP 15.6-inch Chromebook
HP makes some of the best Chromebooks around, and while the HP 15.6-inch Chromebook in question here isn’t exactly high-end, it’s well-designed and sturdily built. The specs are predictably low-end, but it does the job with ChromeOS working well with minimal hardware. There’s an Intel N200 CPU with 8GB of memory and 64GB of eMMC storage. Basic stuff, sure, but just what’s needed at this price point. Read up on the differences between a Chromebook and laptop and you’ll soon see what we mean and why this level of hardware will be just fine.

Read more
ChatGPT explores ads as it works toward 1 billion users
A person typing on a laptop that is showing the ChatGPT generative AI website.

More users and more profit -- that's the aim for ChatGPT going into 2025.

ChatGPT has broken into the top 10 websites on the internet according to some statistics, and a new report says it's pursuing the lofty 1 billion user milestone in the coming year. The company plans to do this primarily by investing in its own data centers, in addition to deploying several advertising strategies, according to the Financial Times.

Read more