New York, March 7
Microsoft has doubled its bug bounty for a limited period to up to $30,000 for individuals across the globe who do serious vulnerability submissions for specific online services provided by the tech giant.
The qualified submissions are eligible for a minimum payment of $500 up to a maximum of $15,000, Microsoft said in a post late on Monday.
Now from March 1 to May 1, any eligible vulnerability submitted for Microsoft Office 365 Portal and Microsoft Exchange Online would be eligible for double rewards.
“Hence, any qualified vulnerability found in the domains below will receive up to $30,000 if it’s submitted between March 1 and May 1,” the company said.
Bounties will be paid out at Microsoft’s discretion based on the impact of the vulnerability.
The bounties would be paid for services like, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Unauthorised cross-tenant data tampering or access (for multi-tenant services), among others.
The specific domains include, portal.office.com, outlook.office365.com, outlook.office.com, *.outlook.com and outlook.com.’