Microsoft launches bug bounty for Office previews

By

Testers have three months to score up to US$15,000.

Microsoft is inviting early adopters to hunt for vulnerabilities in initial builds of its Office productivity suite via a new bounty program.

Microsoft launches bug bounty for Office previews

Under the Microsoft Office Insider Builds on Windows Bounty Program, researchers who find reproducible vulnerabilities in the company's productivity suite can earn up to US$15,000 (A$19,480).

That amount is paid for vulnerabilites that allow for Office Protected View sandbox escapes, and macro execution through bypassing security policies in Word, Excel and Powerpoint.

The discovery of vulnerabilties that bypass the automatic attachment block policies in Outlook reaps rewards of up to US$9,000 (A$11,700) for each flaw.

Researchers must submit a proof of concept for their submitted vulnerabilties, and Microsoft will dock thousands off the payout if the report is of low quality.

The Office Insider bug bounty program will run from today until June 15 US time.

Microsoft's trustworthy computing team said the new program will complement its internal testing. 

The company currently operates seven different bug bounty programs. Of those, the biggest rewards are found in the mitigation bypass program, which solicits entries for novel exploitation techniques for Windows, and the related bounty for defence scheme, which offers up to US$100,000 per flaw.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

WestJet probes cyber security incident

WestJet probes cyber security incident

Log In

  |  Forgot your password?