Microsoft has set up a bug bounty for users who uncover remotely-exploitable bugs in the Edge browser. This is a release for Windows Insiders to make sure bugs are cleared before Edge builds reach end users.
Considering Insiders see unfinished builds regularly, they are the most likely to find an exploitable bug. They can then Microsoft about for the company to issue a fix. The bounty has been set up for a limited time and will see users who uncover remotely-exploitable bugs rewarded. Microsoft is paying between $500 and $15,000 for various levels of warning.
The effort is a part of the company’s vulnerability rewards program that rewards security researchers for finding flaws. To help bolster its security features, Microsoft is asking hackers to try an access Chakra. The JavaScript core is the engine that runs Edge.
Bug Squashing
Microsoft may know about a bug, even so, the company says it will offer a reward of up to $1,500, as the company explains:
“As the bounty programs are pushing forward into earlier releases of software, there may be more instances of a vulnerability being reported which Microsoft is already working to resolve,” Microsoft said.
For interested parties, the bounty will take place over 10 months, from August 4, 2016 to May 15, 2017. This run includes all previews of Edge released from now until the closing date. The current EdgeHTML 14 release in the Windows 10 Anniversary Update is an end user release and is not part of the bounty.
