Microsoft and Google increase bug bounty payouts

No Comments

money-bag

Keen as ever to squash any security issues and bugs that might arise in their software, both Microsoft and Google have announced increases in their bug bounty program payouts. Microsoft has doubled some awards, while Google has used others to make knowing jokes.

Two increased rewards from Google include "leet" references. Find a Remote Code Execution bug and you could bag yourself $31,337 (up from $20,000); execute "Unrestricted file system or database access" and you could earn $13,337 (up from $10,000). While Google's increases are permanent, however, Microsoft's are just temporary.

Microsoft is doubling Office 365-related big bounty rewards for two months. This means that the maximum payout jumps from $15,000 to $30,000, but you only have from now until 1 May to take advantage of the increase. Writing about the decision to offer more money to bug hunters, Microsoft says:

Keeping in line with our philosophy of protecting users and awarding researchers, we are pleased to announce an update to our Online Services bounty program. We will be giving out double rewards for security vulnerabilities from March 1, 2017 to May 1, 2017 for eligible vulnerabilities submitted in Exchange Online and Office 365 Admin Portal.

These properties are core web applications in the Office 365 suite.  Securing Exchange Online, Microsoft’s hosted enterprise e-mail solution, is vital to customer security as it is the gateway to accessing critical user information such as email, calendars, contacts and tasks for any endpoint device. Office 365 admin portal is the web management interface for managing tenant access. This portal is an important piece in protecting tenants and tenant admins from compromise.

A handful of domains are covered by the bounty doubling:

  • portal.office.com
  • outlook.office365.com
  • outlook.office.com
  • outlook.live.com
  • *.outlook.com

You can read the full details in Microsoft's post on the MSRC blog.

Details of Google's bounty programs can be found over on its VRP site.

Image credit: Africa Studio / Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

Microsoft tries to calm fears after Edge update also appeared to install Copilot in Windows Server

MenteeBot is an AI-powered humanoid robot coming to your home and workplace in 2025

CISOs not changing priorities in response to AI threats

80 percent of companies don't have sufficient cyber insurance

Get 'Windows Server 2022 & PowerShell All-in-One For Dummies' (worth $30) for FREE

Cybercriminals take aim at ERP apps

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

60 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

15 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.