Skip to main content

Microsoft’s extended Edge bug bounty program offers rewards up to $15K

Man holding money
Image used with permission by copyright holder
Microsoft said Wednesday that it’s extending the Microsoft Edge bounty program indefinitely. The program rewards individuals who submit vulnerabilities discovered in a “preview” version of the Microsoft Edge browser served up to Windows Insiders (slow ring). Thanks to this bounty program — and the helpful “bug hunters” — the final builds of Microsoft Edge released to the general public are even more secure.

“Over the past 10 months, we have paid out over $200,000 USD in bounties,” the company said. “This collaboration with the research community has resulted in significant improvements in Edge security, and has allowed us to offer more proactive security for our customers.”

Microsoft first began dishing out bug bounties in 2013. The first paid up to $100,000 for “novel exploitation techniques” against the Windows operating system. Another paid up to an additional $50,000 for submitting “BlueHat” ideas for defending Windows against the techniques used in the first bounty. The third program paid up to $11,000 for the discovery of critical vulnerabilities in the Internet Explorer 11 Preview.

Last August, Microsoft established its Edge bounty program to help discover Remote Code Execution vulnerabilities in preview builds of Microsoft Edge that were served up to the Windows Insider program. Dishing out up to $15,000 in cash, the program was originally slated to end on June 30, 2017. But now that it’s an ongoing program, it will join the Bounty for Defense, the Mitigation Bypass Bounty, Online Services Bug Bounty, and two other ongoing bounties in Microsoft’s lineup. Microsoft’s bounty for Office vulnerabilities ended on June 15.

According to Microsoft, the Edge browser bounty was so productive that the deadline was lifted indefinitely at the company’s discretion.

“Microsoft is committed to delivering secure products to our customers, and this bounty program helped us achieve that goal,” Microsoft said. ”We received many high-quality reports in Edge during this 10-month program. which helped keep our customers secure.”

All bounties related to Microsoft Edge will range in from $500 to $15,000. If an individual submits a qualifying vulnerability already discovered internally by Microsoft (and not yet reported), then the company will hand over a maximum cash wad of $1,500 to the first qualifying submission. All vulnerabilities must be reproducible on the latest Windows 10 preview build provided on the Windows Insider Slow Ring. Vulnerabilities relating to older builds will be deemed ineligible.

Microsoft indicates that it’s capable of paying out more than $15,000 for the Edge bounty program. The larger sum will be at Microsoft’s “sole discretion” and based on “entry quality and complexity.” Otherwise, submissions with a “high” report quality will see up to $15,000 in payment, while low-quality submissions will see up to $1,500 in payment.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
This Asus laptop handily beats the XPS 13 — and it’s cheaper
The Zenbook S 14 on a table in front of a grass lawn.

Windows manufacturers have been hungering for a chipset that can keep up with Apple's very fast and efficient M3 architecture. Enter Qualcomm with its Snapdragon X and Intel with iLunar Lake. Each aims at providing better battery life with good performance, as well as adding faster on-device AI speeds to support Microsoft's Copilot+ PC initiative.

The XPS 13 9345 is among the first Qualcomm laptops and the Zenbook S 14 is the first Lunar Lake laptop that we've reviewed. This makes it an important battle to see which platform can make it to our list of the best laptops.
Specs and configurations

Read more
Here are the 10 best gaming keyboards I’d recommend to anyone in 2024
A custom keyboard sitting among keycaps and switches.

Whether you want to gain a competitive edge or just mess around with some RGB lighting, you'll need one of the best gaming keyboards. Although the old guard of brands like Corsair, SteelSeries, and Razer still make some excellent gaming keyboards, the competition is fierce in 2024, with smaller brands rising up to push the market of gaming keyboards forward.

An excellent example of that is our top pick, Asus' ROG Strix Scope II 96, which elevates gaming keyboards to an enthusiast level while maintaining a mainstream price. Although it's the top gaming keyboard for most people, it isn't the best for everyone. After putting our fingers on dozens of different gaming keyboards, these 10 are the only ones you should keep in mind.

Read more
Nvidia’s CEO — yes, one person — is now worth more than all of Intel
Jensen Huang at GTX 2020.

Nvidia is one of the richest companies in the world, so it's no surprise that the company's CEO, Jensen Huang, is quite wealthy. The most recent net worth numbers from Forbes puts into context just how wealthy the executive really is, though. Huang has an estimated net worth of $109.2 billion, which is around $13 billion more than the market cap of Intel across the entire company.

Although Nvidia makes some of the best graphics cards, the obscene amount of money the company has racked up over the past two years stems from its AI accelerators. In 2020, Forbes estimated that Huang was worth $4.7 billion, and even in 2023, after ChatGPT had already exploded onto the scene, the executive was worth $21.1 billion. Now, Huang is the 11th richest person in the world, outpacing Bill Gates, Michael Dell, and Michael Bloomberg.

Read more