The company urged all hackers and security researchers to report vulnerabilities in its Core CLR and ASP.NET 5 betas, Its open source web application framework for OS X, Linux and Win. The reward will depend on how severe the vulnerability is reported by the researcher.
In a blog post published today a senior director of Microsoft Security Response Center said; “This bounty is particularly interesting because the libraries and functions included in .NET enable developers to write their own programs with great security and stability, increasingly on many operating systems”.
The company has previously open short term bounty programs and receive huge response from security researchers. Last year Microsoft introduced where researchers are rewarded for reporting the vulnerabilities of Microsoft online services; eg: Office 365.
The criteria has been defined for the participants of this bounty program.
- The candidate who report any vulnerability should be 14 years old.
- The researcher should not be a part of any organization that permits him from participation.
- Researcher should not be the resident of US sanction countries; like North Korea,Iran.
- Participant should not be the employee of Microsoft or any of its subsidiary.
The reward of the submitted vulnerability will be decided by the Security Team; according to its quality and complexity. If the same bug was reported by more than one researcher then the bounty will be rewarded to the first submission.