Microsoft Introduces New Bug Bounty Program

Microsoft introduces a new bug bounty program on Wednesday; offering upto $500 to $15000 for valid submissions. The program begins from 20th Oct 2015 and ends on Jan 20th next year. Vulnerability program is for CoreCLR and ASP.NET 5 betas.

The company urged all hackers and security researchers to report vulnerabilities in its Core CLR and ASP.NET 5 betas, Its open source web application framework for OS X, Linux and Win. The reward will depend on how severe the vulnerability is reported by the researcher.

In a blog post  published today a senior director of Microsoft Security Response Center said; “This bounty is particularly interesting because the libraries and functions included in .NET enable developers to write their own programs with great security and stability, increasingly on many operating systems”.

The company has previously open short term bounty programs and receive huge response from security researchers. Last year Microsoft introduced where researchers are rewarded for reporting the vulnerabilities of Microsoft online services; eg: Office 365.

The criteria has been defined for the participants of this bounty program.

  •  The candidate who report any vulnerability should be 14 years old.
  •  The researcher should not be a part of any organization that permits him from participation. 
  • Researcher should not be the resident of US sanction countries; like North Korea,Iran. 
  • Participant should not be the employee of Microsoft or any of its subsidiary.

The reward of the submitted vulnerability will be decided by the Security Team; according to its quality and complexity. If the same bug was reported by more than one researcher then the bounty will be rewarded to the first submission.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...

How to Identify Company’s Hacked Email Addresses Using Maltego & HaveIbeenPawned

This article is part of the Maltego OSINT tutorial, where you will learn to identify the already hacked account, and it’s password using the...

5 Key Vulnerabilities in Global Payroll

The cyber threat against payroll is growing in sophistication and frequency, according to the latest FBI cybercrime report. Many of these attacks exploit fixable...