back to article Microsoft extends bug bounty to cover Edge remote code exec

Microsoft has opened a remote code execution bug bounty for preview versions of its Microsoft Edge browser. The Internet Explorer killer and hopeful challenger to Firefox and Safari -- Chrome dominates the browser space -- was released in March last year. Microsoft will pay between $500 and $1,500 for remote code execution …

  1. Herby

    Is there a pool on...

    How long before an exploit is found? It might be more interesting.

    Personally I wouldn't give it much time until something is found!

    1. Hans 1
      Paris Hilton

      Re: Is there a pool on...

      Edge has already had a number of CVE's with remote code execution ... Knowing that and the fact that they try to force you to use it ...

      The other day, I wanted to open an app and was too quick, in the "start" menu, I typed the name of the app, and hit enter ... result? It attempted to search the Interwebs for my program using Edge and Bing ... haste on my part, but still.

  2. Anonymous Coward
    Anonymous Coward

    Pay is still way too cheap to do Microsoft's job for them

    Until there's a minimum of 15k being offered, and preferably 50-100k+ for serious dedicated time-consuming bug-hunts, who wants to be the lapdog of fat corporates??? Sure Execs, keep seeing us techs as mere plumbers, and chase down our wages accordingly.... And we'll keep watching you being forced to resign in disgrace after breach after breach!

    1. Steve Davies 3 Silver badge

      Re: Pay is still way too cheap to do Microsoft's job for them

      and in other news we see Apple doing just that.

      I think your thoughts about MS being cheapskates is not far from the truth.

    2. hplasm
      Meh

      Re: Pay is still way too cheap to do Microsoft's job for them

      "And we'll keep watching you being forced to resign in disgrace..."

      If only!

    3. hplasm
      Happy

      Re: Pay is still way too cheap to do Microsoft's job for them

      They are definitely going to have to pay out, so why would they offer more?

      As another Commentard rightly says- "It is known."

  3. aberglas

    It should be $150,000!

    A "remote code execution" presumably means that you browse to a website and it takes over your entire computer. That is not just something more to patch next Tuesday, it should be considered to be something that cannot happen. Period. For it to happen there is something very wrong with the technology that is being used. (e.g. like using C/C++ instead of .Net!)

    1. Anonymous Coward
      Anonymous Coward

      Re: It should be $150,000!

      As if .NET can magically make all security holes go away? Sure, pull the other one.

  4. Anonymous Coward
    Anonymous Coward

    Microsoft "Windows 10 Pro Subvert Challenge"

    Ready for Windows 10 "Subvert Challenge"!!!!!!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022