Microsoft’s Edge Insider Bounty Program is inviting cybersecurity experts across the world to identify vulnerabilities in the Chromium Edge browser. It is also promising rewards ranging from from $1,000 to $30,000 depending on the severity and impact of the bug. Also Read - Best laptops to buy under Rs 35,000 in October 2021: Asus VivoBook 15, Avita PURA, more
Microsoft wants experts to discover vulnerabilities in the Chromium Edge only. And is not looking for vulnerabilities in any other browser based on the same engine. “We welcome researchers to seek out and disclose any high-impact vulnerabilities they may find in the next version of Microsoft Edge, based on Chromium. And offer rewards up to the US $30,000 for eligible vulnerabilities in Dev and Beta channels,” Jarek Stanley, senior program manager at Microsoft, said in a post. Also Read - Arm-based notebook PC processor market could grow to $949 million in 2021
The Redmond-based company is offering rewards in various tiers. Spoofing and tampering reports can earn anywhere between $1,000 and $6,000. Information disclosure and remote code execution can earn between $1,000 and $10,000. And elevation of privilege will rake in between $5,000 to $15,000. Lastly, $30,000 will be given in exchange for finding a combination of an Elevation of Privilege flaw and a Windows Defender Application Guard container escape, DigitalTrends reports. Also Read - Best laptops under Rs 30,000 in October 2021: Lenovo V14, ASUS VivoBook 14, more
High-quality submissions will earn more than low-quality ones. A high quality submission needs to offer the necessary information to easily replicate and fix a bug. This usually entails a concise write-up or video that contains background information, a description of the vulnerability, and a proof of concept.
Microsoft recently launched Chromium-based Edge beta for Windows 10, 7, 8/8.1 and macOS.
With Inputs from IANS