Microsoft expands its bug bounty program to include all online services and third-party dependencies, incentivizing security research on critical vulnerabilities. This initiative aims to enhance safety across Microsoft’s ecosystem, supported by significant bounty payouts and aligned with their Secure Future strategy. #MicrosoftSecurityResponseCenter #BugBountyProgram
Keypoints
- Microsoft now offers rewards for discovering vulnerabilities in any of its online services, including third-party components.
- The expanded program covers security flaws impacting Microsoft’s services regardless of code ownership.
- Over $33.6 million has been paid out in bug bounties over the past two years to security researchers.
- This policy change is part of Microsoft’s broader Secure Future Initiative focused on security improvements.
- Microsoft has also implemented security enhancements such as disabling ActiveX controls and updating authentication protocols.