Hack Microsoft Edge Browser on Windows 10 and Get Paid

[Batu69]

Microsoft has launched Edge RCE bug bounty program

   Microsoft Edge in Windows 10 Anniversary Update

 

Microsoft continues efforts to improve the security of its products with bug country programs, and today the company is including one more name on the list of applications waiting for security researchers to hack them for hefty rewards.

The software giant has announced that it will be hosting a bounty for Remote Code Execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds, saying that it’s willing to pay as much as $15,000 to hackers who find such flaws in the application and send them to the company.

Furthermore, if someone finds a flaw that’s already being known internally at Microsoft, the first one to report it gets $1,500, the company says, but only as long as the vulnerability is reproducible on the latest Windows Insider preview builds available to the slow ring.

Send your reports by May 15, 2017

The bounty program for Microsoft Edge kicked off on August 4 and runs until May 15, 2017, and it includes not only Microsoft Edge but also the open source sections of Chakra, the engine that powers the browser.

“This bounty continues our partnership with the security research community in working to secure our platforms, in pre-release stages of the development process. The Windows Insider program is built to help shape the future of Windows, and represents the latest in features, including new security features and mitigations,” Microsoft says.

With this program, Microsoft is trying to adopt the same strategy as for other products benefitting from better security thanks to bug bounty programs, especially as it’s aiming to offer a more secure alternative to the old Internet Explorer, often described as the most vulnerable browser on the market.

Microsoft Edge has recently been updated to version 14 thanks to the debut of the Anniversary Update, once again getting a long list of improvements, including security enhancements that help protect users against the most common threats. The next major update for Edge is planned for spring 2017, when Microsoft is projected to unveil the second wave of the Redstone update.

Article source

[straycat19]

More fun to find flaws and share them with other hacker groups so people can be a thorn in Microsoft's arse!  Ho Ho Ho and a bottle of rum, being a pirate is so much fun!

 

7 hours ago, Batu69 said:

With this program, Microsoft is trying to adopt the same strategy as for other products benefitting from better security thanks to bug bounty programs, especially as it’s aiming to offer a more secure alternative to the old Internet Explorer, often described as the most vulnerable browser on the market.

 

They're just kidding.  Look how many years IE has been around and they couldn't secure it.  33 years and they can't even make a secure Windows OS.  Their track record speaks for itself.  Every time they fix something they create another flaw (or 20) that make it even less secure.   I use ABEM  (Any Browser Except Microsoft's)

 

 

[Holmes]

I think this is a good idea and I dont know why you must take a shit on it stray.