Tuesday, November 5, 2024
HomeBug BountyMicrosoft Edge Insider Bounty Program - Researchers can Earn up to US$30,000

Microsoft Edge Insider Bounty Program – Researchers can Earn up to US$30,000

Published on

Malware protection

Microsoft announced Edge Insider Bounty Program for Chromium-based version of Edge to uncover the vulnerabilities that are unique to Edge.

Researchers who detect high impact vulnerabilities with the latest version of the edge will get rewards up to US$30,000 for finding vulnerabilities in Dev and Beta channels. The bounty rewards range between $1,000 to $30,000.

Microsoft said that the new bounty program will run along with the existing Microsoft Edge (EdgeHTML) on Windows Insider Preview bounty program.

- Advertisement - SIEM as a Service

The vulnerabilities discovered in the latest & fully patched version of Windows & macOS are eligible for Microsoft Edge Insider bounty program.

“Researchers who provide submissions that do not qualify for bounty awards may still be eligible for public acknowledgment of their submission leads to a vulnerability fix,” Microsoft added.

Bounty Program Highlights

  • We aim to complement the Chrome Vulnerability Reward Program, so any report that reproduces on the latest version of Microsoft Edge but not Chrome will be reviewed for bounty eligibility based on severity, impact, and report quality.
  • Valid reports affecting the next version of Microsoft Edge will receive a 2X bonus multiplier in the Researcher Recognition Program.
  • Faster rewards: the new Microsoft Edge bounty program will provide bounty will award upon completion of reproduction and assessment of each submission.

Vulnerabilities and Rewards

  • Critical vulnerabilities in Microsoft Edge (Chromium-based) Beta and Dev channels are rewarded up to $30,000.
  • Vulnerabilities such as remote code execution and design issues are rewarded up to $15,000.

“We’re excited to expand our bounty programs today to include the next version of Microsoft Edge and continue to grown and strengthen our partnership with the security research community,” says Jarek Stanley, Senior Program Manager, MSRC.

Recently Apple expands its bug bounty program to cover all operating systems that include macOS, watchOS, tvOS, iPadOS, and iCloud along with the iOS bug bounty program.

Sponsored:  â€“ Manage all the Endpoint networks from a single Console.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical Arc Browser Vulnerability Let Attackers Execute Remote Code

Arc's Boosts feature lets users customize websites with CSS and JavaScript. While JavaScript Boosts...

New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites

HTTP Request Smuggling is a flaw in web security that is derived from variations...

The Problem With Bug Bounties

A Technically Skilled individual who finds a bug faces an ethical decision: report the...