Project Spartan browser.
It seems like Redmond don’t want to take a chance to let hackers and cyber criminals get their hands on the company’s latest Windows 10 operating system.
On Wednesday, Microsoft announced that the company will be expanding its bug bounty program ahead of the release of Windows 10, which will include a two-month hunt for vulnerabilities in its new web browser, Project Spartan.
So, it's time for security researchers and hackers to earn extra cash from Microsoft.
For those who are unaware… What’s Project Spartan?
Project Spartan is Microsoft’s project for its new web browser to replace the oldest Internet Explorer from its Windows operating system.
Though the project is still very much under the developmental stage, Microsoft is making every effort to make Spartan better and better as a browser.
The day Microsoft launched this project till now, the browser has received as much steady stream of improvements as it could give a tough competition to Google’s Chrome web browser.
As it is said, the first impression is the last impression. Therefore, the technology giant is offering several payout categories which starts from $500 and ends with the top reaching bug bounty amount of $15,000 (11,000 Euro) for eligible vulnerabilities in Spartan, which includes…
…Remote Code Execution (RCE) bugs, Sandbox Escapes as well as design-level security bugs.
You have time beginning today till June 22, 2015 to submit your bug reports to the company. So don’t be late.
Also, those hackers and researchers who submitted vulnerability reports since the beginning of 2015 would also be rewarded if the discovered vulnerabilities meet the eligibility criteria.
This new bug bounty program also offers payouts for vulnerabilities in Microsoft’s Azure cloud platform, and Sway Web application tool, Jason Shirk of Microsoft’s Security Response Center says in a blog post.
The bug bounty offer for Azure will cover cloud services, virtual machines, Active Directory, storage and much more.
Microsoft is also offering up to $100,000 USD to bypass active mitigations (such as ASLR and DEP) in the company’s latest released version of the operating system, and "a bonus of up to $50,000 USD for actionable defense techniques to the reported bypass," Microsoft says.
So play, discover and submit your findings by including all your details in an email to firstname.lastname@example.org based on the company’s requirements on this page.