Beta bug hunters can bag up to $30k in the Microsoft Edge Insider Bounty program
With a new beta of the Chromium-based version of Edge now available, Microsoft has unveiled details of a new bug bounty program for the browser.
Through the Microsoft Edge Insider Bounty it is possible to earn a maximum payout of $30,000 for discovering vulnerabilities in the Dev and Beta builds of Edge. Microsoft says that it intends to complement the Chrome Vulnerability Reward Program, meaning that any report that affects the latest version of Microsoft Edge but not Chrome will be eligible.
See also:
- Microsoft Edge Beta available to download now for Windows and macOS
- Chromium-based Microsoft Edge has more natural-sounding Read Aloud voices thanks to the cloud
- Privacy concerns raised that SmartScreen in Edge shares browsing history with Microsoft
Microsoft says that it is looking for "researchers to seek out and disclose any high impact vulnerabilities they may find in the next version of Microsoft Edge, based on Chromium". The new bug bounty program will run alongside the existing Microsoft Edge (EdgeHTML) on Windows Insider Preview bounty program.
Announcing the new program, Microsoft says that vulnerabilities that reproduce in the latest, fully patched version of Windows (including Windows 10, Windows 7 SP1 or Windows 8.1) or macOS may be eligible for the Microsoft Edge Insider bounty program.
Jarek Stanley, Senior Program Manager at MSRC, highlights:
- We aim to complement the Chrome Vulnerability Reward Program, so any report that reproduces on the latest version of Microsoft Edge but not Chrome will be reviewed for bounty eligibility based on severity, impact, and report quality.
- Valid reports affecting the next version of Microsoft Edge will receive a 2X bonus multiplier in the Researcher Recognition Program.
- Faster rewards: the new Microsoft Edge bounty program will provide bounty will award upon completion of reproduction and assessment of each submission.
Find out more and get involved over on the Microsoft Edge Insider Bounty Program page, and the Microsoft Edge (EdgeHTML) on Windows Insider Preview page.