Microsoft will pay you cash for hunting down specific vulnerabilities for Microsoft Edge in the Windows Insider program

edge bounty program extended man holding money
Microsoft’s Jason Shirk from the MSRC Team reports that the company has added another bounty program to its roster for bug hunters. This one targets possible remote code execution vulnerabilities within the version of Microsoft Edge that’s served up to participants in the Windows Insider program. For consumers, that means a good chunk of vulnerabilities will have already been tracked down and patched before a new version of the browser is released to the masses.

“This bounty continues our partnership with the security research community in working to secure our platforms, in pre-release stages of the development process,” Shirk writes. “The Windows Insider program is built to help shape the future of Windows, and represents the latest in features, including new security features and mitigations.”

The new Microsoft Edge bounty began on August 4, 2016, and will conclude on May 15, 2017. Bug hunters will be paid handsomely for their research, earning between $500 and $15,000. However, if they come across a qualifying vulnerability that was found internally by Microsoft, then the company will offer up to $1,500 for the first “external” individual who submits a report.

Additionally, all vulnerabilities uncovered by researchers must be reproducible on the latest version of Windows 10 in the Windows Insider program “slow ring.” For the uninitiated, the Windows Insider program is broken down into “fast,” “slow,” and “Release Preview” rings, with the first group getting builds as they’re completed, the second group receiving slightly more polished and stable builds at a slower rate, and the third group enjoying new features with little or no risk to their devices.

The new Microsoft Edge bounty joins a number of other programs Microsoft currently offers to researchers, including the Online Services Bug Bounty, the Nano Server Technical Preview Bug Bounty, the .NET Core and ASP.NET Core RC2 Bug Bounty, the Mitigation Bypass Bounty, and the Bounty for Defense program.

Previously, there was a Microsoft Edge Technical Preview Bug Bounty that began April 22, 2015, and ended on June 22, 2015. According to the listing, Microsoft paid between $1,500 and $15,000 for Remote Code Execution vulnerability discoveries, and for finding a Sandbox Escape vulnerability with Enhanced Protected Mode. Between $1,500 and $6,000 was paid for higher severity vulnerabilities in the browser or EdgeHTML, and a mere $500 was paid for ASLR Info Disclosure vulnerabilities in Edge or EdgeHTML.

“Our new bounty programs add expanded depth and flexibility to our existing community outreach programs,” states Microsoft. “Having these bounty programs provides a way to harness the collective intelligence and capabilities of security researchers to help further protect customers.”

Right now, the new Microsoft Edge bounty doesn’t appear on the Microsoft Bounty Programs website. Four of the bounties listed above are ongoing whereas the .NET Core and ASP.NET Core RC2 bug bounty ends on September 7, 2016. If you fall under the “hacker” and “researcher” umbrella and want to earn some cash, take a look at what Microsoft is offering. You’ll be helping us all out and banking some nice green bills in the process.

Product Review

You won't buy Microsoft's Surface Hub 2S, but it could still change your life

The Microsoft Surface Hub 2S wants to change the way you collaborate at work. That’s a lofty goal most devices fail to achieve, but the unique Hub 2S could be an exception. And trust us – you’re going to want it.

Microsoft accelerates carbon reduction plans in new sustainability push

Microsoft wants to accelerate its sustainability goal of becoming a zero-carbon company. To reach those goals, Microsoft is doubling its self-imposed carbon tax to incentivize business divisions in making sustainable choices.

Microsoft says hackers were able to view emails

Microsoft's email platform saw a massive breach that caused confidential data to be accessed by hackers for months. It now appears the problem might have been much worse than initially thought, and worse than Microsoft admitted.
Home Theater

Surface Buds? Microsoft might make AirPods competitors, joining Amazon and others

Microsoft is reportedly hard at work developing its own true wireless headphone model to compete with top offerings from Apple, Samsung, and others. It's aiming to take on the AirPods and Galaxy buds with its own pair of portable in-ears.

The number pad on HP’s Chromebook 15 makes spreadsheet work a breeze

HP's Chromebook 15 comes with a 15.6-inch display, a metal keyboard deck with full-size keys, and a dedicated number pad, making it the second Chromebook model, following Acer's Chromebook 715, to be suited for spreadsheet work.

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.

AMD’s 2020 Ryzen CPUs could have a big boost in power efficiency

The sequel to AMD's Zen 2-based Ryzen 3000 CPUs is slated for a 2020 release and when it arrives, could leverage the new Zen 3 architecture to deliver impressive gains to performance and power efficiency.

Gaming on a laptop has never been better. These are your best options

Gaming desktops are powerful, but they tie you down to your desk. For those of us who prefer a more mobile experience, here are the best gaming laptops on the market, ranging from budget machines to maxed-out, wallet-emptying PCs.

Here's how you can download the best free music players for your Mac

Tired of your Mac's default music player? Take a look at our picks for the best free music players available for your Apple rig. Whether you're a casual listener or an audiophile, you're sure to find something that fits your needs here.

Want to make calls across the internet for less? Try these great VOIP services

Voice over IP services are getting more and more popular, but there are still a few that stand above the pack. In this guide, we'll give you a few options for the best VOIP services for home and business users.

Transform into the ultimate leader with our tips and tricks for Civilization 6

Civilization VI offers both series veterans and total newcomers a lot to chew on from the get-go. Here are some essential starting tips to help you master the game's many intricacies.

The iPhone’s Screen Time and Siri Shortcuts could land on Macs this year

For its desktop computers, it appears that Apple may continue to draw from the iPhone for inspiration. iOS 12 features, like Screen Time and Siri Shortcuts, are believed to be making their way to MacOS this year at WWDC in June.

Dell slashes prices of XPS 13 and Alienware 17 laptops in latest promo

Dell's latest promotion will score you big savings on the XPS 13 or the Alienware 17. The stylish XPS 13's discount is for $430, and only the rose gold model is on sale, while gamers who choose the Alienware 17 will save $860.

Lenovo’s Yoga C930 sale drops a $650 discount on its 2TB SSD laptop

Lenovo is offering one of its 2-in-1 laptops at a $650 discount. This Lenovo Yoga C930 laptop comes with a 2TB solid-state drive, a digital pen, a fingerprint reader, and a Dolby Atmos sound bar.