There’s nothing like $30,000 to indicate that an app has made it to the large time.

Microsoft final week underscored the significance of Groups to its present and future strategic planning by inaugurating a brand new bug bounty program that can provide as much as $30,000 — twice the utmost of any Workplace utility — to safety researchers for reporting previously-unknown vulnerabilities.

Out the gate, the brand new program, carrying the prosaic label “Microsoft Purposes Bounty Program,” centered solely on the Groups desktop shopper. Different purposes will likely be introduced into this system, Microsoft mentioned, although no timeline was given.

In a web based doc that detailed the brand new bug bounty program, Microsoft listed 5 particular situations — “high-impact,” the corporate mentioned — that got here with rewards from $6,000 to $30,000. The most important bounty was for vulnerabilities described as “distant code execution (native code within the context of the present consumer) with no consumer interplay.”

Flaws in Groups that led to an “potential to acquire authentication credentials for different customers*(observe: doesn’t embody phishing)” would price a most of $15,000.

A price sheet of common bugs — from distant code execution vulnerabilities to spoofing or tampering — was additionally included, with rewards starting from $500 to $15,000, relying on the severity of the flaw, and the standard and thoroughness of the finder’s reporting.

Copyright © 2021 IDG Communications, Inc.

By Rana

Leave a Reply

Your email address will not be published. Required fields are marked *