Microsoft has several bug bounty programs that reward security researchers and hackers who find vulnerabilities across services. In the last example, a Microsoft Teams bounty program is launching. It will follow similar principles to the company's programs.
The timing of this launch is important because it comes at a time when Microsoft Teams is a fundamental tool for millions of people. Amid the ongoing COVID-19 pandemic, people continue to work remotely, making services like Microsoft Teams essential.
Maintaining security is important for organizations that are working remote. While Microsoft uses the latest cybersecurity technology to keep Teams secure, the chance of attack remains. A bounty program will task researchers with finding any vulnerabilities Microsoft has missed.
It's a similar idea we have seen the company employ across bounty programs for Azure and Windows services. Specifically, Microsoft will pay researchers if they are able to find security issues within Microsoft Teams.
Hackers can be paid between $6,000 and $30,000, with the later reward for high-impact vulnerabilities. These are issues that require immediate attention by Microsoft. Below are the rewards Microsoft is offering:
- “Scenario-Based Bounty Awards: This new program includes 5 scenario-based awards for vulnerabilities that have the highest potential impact on customer privacy and security. Rewards for these scenarios range from $6,000 to $30,000 USD.
- General Bounty Awards: In addition, we offer bounty awards for other valid vulnerability reports for the Teams desktop client that do not qualify for the scenario-based awards. Rewards for these reports range from $500 to $15,000 USD.
- Teams Online: Submissions for Teams online services will continue to be awarded under the Online Services Bounty Program.
- Researcher Recognition Program Points: Valid reports for Microsoft Teams research are now eligible for a 2x bonus multiplier under the Researcher Recognition Program. Points earned contribute toward your eligibility for the annual MSRC Most Valuable Security Researcher list.”
Researchers must take a test on Teams through a subscription they hold. When a bug is found, hackers must be able to demonstrate the bug on the latest version of the Microsoft Teams desktop client.
Tip of the day:
Due to the various problems that arise with microphones, it can often be necessary to perform a mic test, but those wondering how to hear yourself on mic in Windows 10 are often left stumped. Microsoft's OS doesn't make it especially intuitive to listen to microphone playback or play the microphone through speakers. In our tutorial we show you how to hear yourself on mic with just a few clicks.