Office Insiders on Windows are being called into action to improve Microsoft Office. Today, the MSRC Team posted an announcement about launching a new Bug Bounty Program. Office Insiders involved in developing a more secure and efficient Office, similar to other programs before it.
Microsoft’s latest bug bounty invites hackers to find security vulnerabilities in Office Insider builds, the version of its productivity suite it tests with enthusiasts before general release. Redmond will be offering hackers between $500 and $15,000 for each bug they find and report in the Office Insider preview on Windows desktop.
The bounty runs between March 15 and June 17.
It even seems like a competition in some regards considering Microsoft will be awarding the bounty to the first eligible submission received.
What qualifies as an “eligible submission”? Microsoft has conveniently listed that off for us:
- Identify an original and previously unreported vulnerability in the current Office Insider build on a fully patched Windows 10 Desktop
- The vulnerability must reproduce on the most recent Office Insider slow build to qualify for a bounty (If a submission reproduces in a previous Office Insider slow build but not the current Office slow build available at the time of your submission, then the submission is ineligible)
- Include concise reproducibility steps that are easily understood. (This allows submissions to be processed as quickly as possible and supports the highest payment for the type of vulnerability being reported.)
- Include the Office version number and slow build number on which the vulnerability reproduces (To find the number, go to File -> Account -> Office update (version and build number) )