Windows Insider Preview is not required.” “Vulnerabilities that reproduce in the latest, fully patched version of Windows (including Windows 10, Windows 7 SP1 or Windows 8.1) or MacOS may be eligible for the Microsoft Edge Insider bounty program. “The goal of the Microsoft Edge (Chromium-based) Insider Bounty Program is to uncover vulnerabilities that are unique to the next Microsoft Edge which have a direct and demonstrable impact on the security of our customers,” Microsoft said. In-scope flaws include elevation of privilege flaws, remote code execution, information disclosure and other vulnerabilities.
Researchers can earn between $1,000 up to $30,000 for finding critical or important vulnerabilities in Microsoft Chromium Edge Beta and Dev channels. “We’re excited to expand our bounty programs today to include the next version of Microsoft Edge and continue to grow and strengthen our partnership with the security research community,” Jarek Stanley, senior program manager at Microsoft, said in a Tuesday post.“We welcome researchers to seek out and disclose any high-impact vulnerabilities they may find in the next version of Microsoft Edge, based on Chromium, and offer rewards up to US $30,000 for eligible vulnerabilities in Dev and Beta channels.” Now, with the Tuesday release of the beta version of the new browser, Microsoft has also extended its existing Edge bug -bounty program to now include the “Microsoft Edge Insider Bounty,” aimed at whacking any security issues in this latest version. The tech company has been working to build a new version of Edge based on Google’s open-source Chromium code, as opposed to its previous EdgeHTML proprietary browser engine. Microsoft is calling on researchers to help sniff out any security glitches in the beta version of its new Chromium-based Edge browser before officially pushing it live.
0 kommentar(er)
