Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Microsoft extends bug bounty to cover Edge remote code exec

$1,500 up for grabs for those bold enough to bash browser

Microsoft has opened a remote code execution bug bounty for preview versions of its Microsoft Edge browser.

The Internet Explorer killer and hopeful challenger to Firefox and Safari -- Chrome dominates the browser space -- was released in March last year.

Microsoft will pay between $500 and $1,500 for remote code execution holes in Edge preview.

It will also, so says Redmond security ecosystem and strategic lead Jason Shirk, still pay for bugs Microsoft is internally aware of shelling out $1,500 for the first outsider reports of remote code execution holes in the pre-stable early release versions of Edge.

"Microsoft will be hosting a bounty for remote code execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds," Shirk says.

"This bounty continues our partnership with the security research community in working to secure our platforms, in pre-release stages of the development process."

The bounty will run from today until 15 May next year and award for bugs that are reproducible on the latest Windows Insider Preview (Slow track) builds.

Feature: The bug bounty boom.

It is the latest Microsoft bounty and joins a list that includes Online Services, Mitigation bypass, and Bounty for Defense bounty programs

"Bounties are worked alongside the security development lifecycle, operational security assurance framework, regular penetration testing of our products and services, and security and compliance accreditations by third party audits," Shirk says. "Start your fuzzers." ®

Similar topics

TIP US OFF

Send us news


Other stories you might like