Microsoft extends Edge Bounty Program, will continue indefinitely
1 min. read
Published on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
Over the past 10 months, Microsoft has paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. When Microsoft announced this Edge Bounty Program last year, they said that this program will run August 4, 2016 through May 15, 2017. Last month, Microsoft announced that they are extending the end date of this program to June 30, 2017. Today, Microsoft announced that they are changing this program from a time bound to a sustained bounty program and it will continue indefinitely on Microsoft’s discretion.
Vulnerability type | Proof of concept |
Report Quality | Payout range (USD) * |
Remote Code Execution in Microsoft Edge on recent builds of WIP slow |
Required | High | Up to $15,000 |
Required | Low | Up to $1,500 | |
Violations of W3C standards that compromise privacy or integrity of important user data. |
Required | High | Up to $6,000 |
This includes:
|
Required | Low | Up to $1,500 |
This does not include:
|
If you are a security researcher, you can earn payments for eligible submissions based upon the following:
You can find more details about this program here.
User forum
0 messages