14 DAY TRIAL // Microsoft continues efforts to improve the security of its products with bug country programs, and today the company is including one more name on the list of applications waiting for security researchers to hack them for hefty rewards.
The software giant has announced that it will be hosting a bounty for Remote Code Execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds, saying that it’s willing to pay as much as $15,000 to hackers who find such flaws in the application and send them to the company.
Furthermore, if someone finds a flaw that’s already being known internally at Microsoft, the first one to report it gets $1,500, the company says, but only as long as the vulnerability is reproducible on the latest Windows Insider preview builds available to the slow ring.
Send your reports by May 15, 2017
The bounty program for Microsoft Edge kicked off on August 4 and runs until May 15, 2017, and it includes not only Microsoft Edge but also the open source sections of Chakra, the engine that powers the browser.
“This bounty continues our partnership with the security research community in working to secure our platforms, in pre-release stages of the development process. The Windows Insider program is built to help shape the future of Windows, and represents the latest in features, including new security features and mitigations,” Microsoft says.
With this program, Microsoft is trying to adopt the same strategy as for other products benefitting from better security thanks to bug bounty programs, especially as it’s aiming to offer a more secure alternative to the old Internet Explorer, often described as the most vulnerable browser on the market.
Microsoft Edge has recently been updated to version 14 thanks to the debut of the Anniversary Update, once again getting a long list of improvements, including security enhancements that help protect users against the most common threats. The next major update for Edge is planned for spring 2017, when Microsoft is projected to unveil the second wave of the Redstone update.