A Microsoft 365 bug discovery can help you earn extra money

Published April 16, 2022
Author: Ash Khan

A Microsoft 365 bug discovery can help you earn extra money

Published April 16, 2022
Author: Ash Khan

Cybersecurity experts and white hat hackers may now earn extra money by discovering defects in Microsoft 356, Dynamics 365, and Microsoft’s Power Platform. 

The Microsoft Security Response Center said in a recent article that it is increasing the maximum awards for high-impact security issues reported to the Dynamics 365 and Power Platform Bounty Programs, and also the Microsoft 365 Bounty Program. 

Defect hunters may now earn up to $20k for discovering a cross-tenant information exposure bug in Dynamics 365 and Power Platform. Furthermore, remote code execution via untrusted input issues in Microsoft 365 will be valued 30percent more, unauthorized cross-tenant and cross-identity critical data leakage will be valued 20 percent more, and “confused deputy” flaws will be valued 15 percent more. 

Such new bounty rewards are part of Microsoft’s “ongoing attempts to cooperate with the cybersecurity research community,” as part of the corporation’s comprehensive approach to guarding against security risks. 

Microsoft which is known for products like Microsoft Teams has introduced on-premise Exchange, SharePoint, and Skype for Business to its Apps and On-Premises Servers Bounty Program, in addition to extending its bug bounty awards in Microsoft 365, Dynamics 365, and Power Platform. 

This enhanced bug bounty program allows security experts who discover and disclose flaws affecting on-premises servers to win awards starting from $500 to $26,000. 

As per a second blog article from the Microsoft Security Response Center, “greater awards are available, at Microsoft’s absolute discretion, depending on the severity and effect of the bug and the credibility of the submission.” 

Server-side request forgery issues are worth an extra 20 percent in both Exchange and SharePoint whenever it comes to the severity multiplier for these types of vulnerabilities. 

Curious security experts and white hat hackers may discover more by checking Microsoft’s Applications and On-Premises Servers Bounty Program page. 

Microsoft also recently released a new upgrade that allows IT administrators to set a tenant-wide timeout policy to automatically log out inactive users in Microsoft 365 web applications. 

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

One Call, One Solution

Get Your IT Problems Resolved in No Time!​

Best Websites

Other Articles

Latest Posts

Popular Tags

API Integration Branding Services Business Cloud Backup storage cloud storage Cloud VPS Server Hosting Database Services Digital Marketing eBay Store Email Hosting Email Marketing & CRM Email security Explainer Video Fast Vpn FTP hosting Google Ads Google Workspace hacked website repair IT Support Services Managed AWS Cloud Managed Azure Cloud Microsoft 365 Microsoft Office 365 Microsoft Teams Integration mobile apps Outlook email Register Domain Reseller Hosting SEO Services Server Management SIM Hosting Service Social Media Marketing SQL Services SSL Certificates Transfer Domain Name Vulnerability Assessment Vulnerability Scan vulnerability scanning web applications Web Hosting Web Maintenance Website Designing website repair services Website Security Wordpress Hosting