Office Insiders on Windows are being called into action to improve Microsoft Office. Today, the MSRC Team posted an announcement about launching a new Bug Bounty Program. Office Insiders involved in developing a more secure and efficient Office, similar to other programs before it.
Microsoft’s latest bug bounty invites hackers to find security vulnerabilities in Office Insider builds, the version of its productivity suite it tests with enthusiasts before general release. Redmond will be offering hackers between $500 and $15,000 for each bug they find and report in the Office Insider preview on Windows desktop.
The bounty runs between March 15 and June 17.
It even seems like a competition in some regards considering Microsoft will be awarding the bounty to the first eligible submission received.
What qualifies as an “eligible submission”? Microsoft has conveniently listed that off for us:
- Identify an original and previously unreported vulnerability in the current Office Insider build on a fully patched Windows 10 Desktop
- The vulnerability must reproduce on the most recent Office Insider slow build to qualify for a bounty (If a submission reproduces in a previous Office Insider slow build but not the current Office slow build available at the time of your submission, then the submission is ineligible)
- Include concise reproducibility steps that are easily understood. (This allows submissions to be processed as quickly as possible and supports the highest payment for the type of vulnerability being reported.)
- Include the Office version number and slow build number on which the vulnerability reproduces (To find the number, go to File -> Account -> Office update (version and build number) )
The Bug Bounty Program will only run for three months to June 15. If you’re interested in becoming involved, check out the full FAQ and read the program’s terms on Technet.
The post Microsoft opens the hunt with bug bounty program for Office Insider Builds on Windows appeared first on Enterinit - enter in Microsoft IT world.