Bug Bounty Program with $15,000 rewards come to Office Insider Builds

On the Technet blog Microsoft has announced a new bug bounty program for Office Insider builds on Windows aimed at finding security vulnerabilities in the productivity suite during the design phase before it hits general consumers.

The types of vulnerabilities awarded include:

  • Elevation of privilege via Office Protected View
  • Macro execution by bypassing security policies to block macros
  • Code execution by bypassing Outlook automatic attachment block policies

The full list can be seen here.

The program will run for three months from March 15 to June 15, 2017  and bounty payout during the period will be range between $6,000 to $15,000 USD. Vulnerabilities should be submitted to secure@microsoft.com.

Microsoft recently initiated a similar program for their Outlook and Office 365 online sites, paying out up to $30,000. For more information on Microsoft’s other bug bounty programs can be found here.

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.

Source Related
Comments