Announcing new Bug Bounty Program for Office Insider Builds on Windows

Brink

Brink

Administrator
Staff member
Local time
1:37 PM
Messages
74,889
Location
Oklahoma
We’ve engineered Office to be secure by design and continually invest in enhancing its security capabilities. In the spirit of maintaining a high security bar in Office, we’re launching the Bug Bounty Program for Office Insider Builds on Windows.The Office Bug Bounty Program complements our continuous internal engineering investments that include designing secure features through threat modeling, security in code reviews, security automation, and internal penetration testing.

The Microsoft Cloud and Online Services Bounty Program has helped us identify elusive vulnerabilities and provided a way to reward the individuals actively partnering with us to protect our customers. We want to continue incentivizing research around design and logic and reward deeper thought in important areas of Office.

Office Insider Builds give users early access to the latest Office capabilities and security innovation. By testing against these early builds, issues can potentially be found prior to production release. This helps improve quality and protect customers.

How it works

  • Types of vulnerabilities awarded and their details are listed in the Microsoft Office Insider Builds on Windows Bounty Program Terms, including:
    • Elevation of privilege via Office Protected View
    • Macro execution by bypassing security policies to block macros
    • Code execution by bypassing Outlook automatic attachment block policies
  • The program duration is for three months from March 15 to June 15, 2017
  • Bounty payout ranges during this period will be $6,000 to $15,000 USD
Call to action: send your vulnerabilities to [email protected]

As always, the most up-to-date information about the Microsoft Bounty Programs can be found at Access Denied and in the associated terms and FAQs.

We look forward to seeing you at Cansecwest 2017 on March 15th and sharing more about the program.

Tom Gallagher and Akila Srinivasan
Click to expand...


Source: Announcing the new Bug Bounty Program for Office Insider Builds on Windows – MSRC

See also:
 

My Computer My Computer

At a glance

64-bit Windows 11 Pro for WorkstationsIntel i7-8700K OC'd to 5 GHz64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600...ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self built custom
OS
64-bit Windows 11 Pro for Workstations
CPU
Intel i7-8700K OC'd to 5 GHz
Motherboard
ASUS ROG Maximus XI Formula Z390
Memory
64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
Graphics Card(s)
ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Sound Card
Integrated
Monitor(s) Displays
2 x Samsung Odyssey G7 27"
Screen Resolution
2560x1440
Hard Drives
1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
PSU
Seasonic Prime Titanium 850W
Case
Thermaltake Core P3
Cooling
Corsair Hydro H115i
Keyboard
Logitech wireless K800
Mouse
Logitech MX Master 4
Internet Speed
2 Gb/s Download and 100 Mb/s Upload
Antivirus
Malwarebyte Anti-Malware Premium
Browser
Google Chrome
Other Info
Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
You must log in or register to reply here.

Similar threads

Intel Expanding Bug Bounty Program
Replies
0
Views
928
Brink
Brink
Extending the Microsoft Office Bounty Program
Replies
0
Views
1K
Brink
Brink
Microsoft Adds OneDrive to Bug Bounty Program
Replies
0
Views
1K
Brink
Brink
It's here! Office Insider Fast for Office 2016 on Windows
Replies
0
Views
3K
Brink
Brink
Announcing Insider build 16.0.6965.2058 for Office 2016 on Windows
Replies
0
Views
2K
Brink
Brink
Back
Top