Microsoft has expanded its bug bounty program to include all online services and third-party components, making vulnerability reporting more comprehensive. This change aims to improve security by incentivizing researchers to identify flaws across the entire Microsoft ecosystem, including open-source and external dependencies. #MicrosoftBugBounty #ThirdPartyVulnerabilities
Keypoints
- Microsoft’s bug bounty scope now automatically includes all its online services from launch.
- The program extends rewards to vulnerabilities in third-party and open-source components used by Microsoft.
- Microsoft aims to reduce reporting delays and confusion by making all services ‘In Scope By Default.’
- The update enhances collaboration with researchers on vulnerabilities in external code affecting Microsoft services.
- The initiative seeks to elevate security standards across Microsoft’s entire ecosystem, including cloud and third-party integrations.
Read More: https://thecyberexpress.com/microsoft-bug-bounty-in-scope-by-default/