Skip to main content
  1. Home
  2. Computing
  3. News

Make some serious cash finding bugs with Microsoft's Office Insider Bug Bounty program

Mark Coppock
By

ubuntu
Image used with permission by copyright holder
There’s probably no better way to find security bugs than to offer money to the people who actually use software on a daily basis to do just that. That’s why companies like Microsoft and Google offer increasingly significant amounts of money through reward programs aimed at discovering and then fixing vulnerabilities.

Microsoft has its lucrative Bug Bounty program for Windows that just saw its reward double to $30,000 for anyone identifying a verified exploit. Now, the company has announced a new program that offers some serious cash to users of its Office productivity suite for Windows Desktop.

Recommended Videos

The new Office Insider Bug Bounty program will pay anyone using the Insider slow ring builds up to $15,000 for finding security bugs before they have a chance to make their way to the production version. The kinds of bugs for which Microsoft will pay out include:

  • Elevation of privilege via Office Protected View.
  • Macro execution by bypassing security policies to block macros.
  • Code execution by bypassing Outlook automatic attachment block policies.

Go here to dig into the details of how Microsoft will determine eligibility and how you need to submit your bugs. These particular bugs are viewed as likely to be the most prominent and most likely to affect Office users. Macros and email attachments are common vectors of attack on all Office platforms.

Related

Before you spend too much time looking for bugs, here’s a list of vulnerabilities that will not be covered:

  • Vulnerabilities in anything earlier than the current Office Insider slow build on Windows Desktop.
  • Vulnerabilities in user-generated content.
  • Vulnerabilities requiring extensive or unlikely user actions.
  • Vulnerabilities found by disabling existing security features.
  • Vulnerabilities in components not installed by Office.
  • Vulnerabilities in third-party components that might be installed on the system that enable the vulnerability.
  • Vulnerabilities about escaping Protected View where Protected View is explicitly not activated in Office code or enabled by default for the reported scenario.
  • Vulnerabilities in the Application container.
  • Any other category of vulnerability that Microsoft determines to be ineligible, in its sole discretion.

The Microsoft Office Bug Bounty program will last from March 15, 2017, through June 15, 2017. Payouts will range from $500 to $15,000, and of course, there are important terms and conditions to keep in mind. You also need to be a member of the Office Insider program utilizing an Insider slow ring build of Office for Windows Desktop.

You can sign up to be an Office Insider here. Go to File > Account and look under Office Updates to check which version you’re running. Click on Office Insider and select Change Level to move from one ring to another or remove yourself from the Office Insider program.

Editors' Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
How to convert WMA to MP3 on Mac, Windows, and Web
The JBL Tune 760NC wireless headphones on someone's head.

Remember when Windows Media Player ruled the earth? Before the world was inundated with versatile playback tools like VLC and countless other platforms, most users flocked to the built-in OS media players provided by Windows and Apple (the latter being the minds behind QuickTime). In fact, you’ve probably come across a handful of WMA files in your life of using computers.

Read more
The 6 best laptops for realtors in 2024
Asus Zenbook 14 OLED front view showing display and keyboard.

If you're a realtor, trying to find a good laptop can be just as challenging as finding the perfect home for your clients. Not only do you need something that looks professional and can withstand the daily demands of the modern work environment, but it also needs to be portable and durable. After all, there's a good chance you'll be lugging it around with you to your showings, so a clunky laptop simply won't cut it.

That means you'll need a laptop that's portable, reliable, responsive, and boasts a professional design that'll impress your clients. That's quite the checklist – but thankfully, there are plenty of great laptops for realtors that fit all these criteria.

Read more
The most common Skype problems and how to fix them
best mac apps for small business skype

Skype is an excellent option for video chats with your friends and family or conducting a videoconference call with your colleagues.  However, Skype is not without its bugs, hiccups, and issues that can make getting face-to-face with someone seem like an ordeal. To make things easier on everyone, we've compiled a selection of the most common Skype problems and how to fix them.
Video not working
If you can't get your camera to work or experience issues seeing other's connections, you might as well be using an actual telephone instead of Skype. Thankfully, these issues can usually be resolved with a bit of tinkering on your end, or they may just be service disruptions on Skype's end.

One of the more common problems that crop up is visual issues due to Skype not having access to your PC or phone's camera. For desktop users, open the Skype application and select the Three horizontal dots near the notification bell icon to access the Skype menu. Select Settings > Audio and video. If your picture fails to appear in the Skype camera preview window, you'll know there's a connection issue.

Read more