Chromium-based Edge beta brings bug bounty

By on
Chromium-based Edge beta brings bug bounty

Up to US$30,000 for finding critical flaws in next-gen web browser.

Microsoft has released the first beta of the next version of its web browser Edge, and along with it, a new bounty program with rewards for finding bugs.

The upcoming browser is released to Windows Insider early adopters and is based on the open source Chromium framework, unlike the current version that is built with Microsoft's EdgeHTML technology.

Depending on the type of flaw found, bug bounty hunters can earn up to US$30,000 for a criticial elevation of privilege vulnerability combined with a Windows Defender Application Guard (WDAG) container escape.

Other privilege escalation bugs can earn finders up to US$15,000 for critical severity flaws, and between US$5,000-$10,000 for vulnerabilities rated as important, Microsoft said.

Even though Google's Chrome is built with the same technology, Microsoft said that vulnerabilities reported must be unique to Edge based on Chromium.

As such, flaws found that are reproducible in Chrome are not eligible for rewards.

The bug bounty for the Chromium-based Edge will run alongside an existing program for the current version, Microsoft said.




Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?