Microsoft has launched a bug bounty program for its Microsoft Teams platform in response to its growing dependence and importance in the ‘work from home culture.
Launching Microsoft Teams bug bounty:
Microsoft has put forth a bug bounty program for researchers to scope and detect security flaws in the Microsoft Teams desktop software.
A sum of up to $30,000 will be offered as a bug bounty with “scenario-based awards for vulnerabilities” if they have a significant impact, especially on customer privacy and security.
Bug bounty prizes for Microsoft Teams start from $6000.
Limitations of the bug bounty:
Global statistics have recorded that the Microsoft Teams platform has more than 100 million daily active users and as a result, it is critical for security researchers to detect any possible security flaws and vulnerabilities within the platform.
It is to be noted that the bug bounty will be offered for the Microsoft Teams desktop application only, which is deployed for Windows 10, macOS, and Linux.
Even though the Teams application is available for the iOS and Android operating systems and can be accessed via desktop browsers, no bug bounty will be offered for the mobile or browser apps.
Massive bug bounty rewards:
To detail the $30,000 bug bounty, security researchers must be able to distinctly outline a remote code execution flaw within the Teams environment using the native code in the course of the current user barring the user interaction.
A $15,000 bug bounty has been offered up for detecting bugs that could enable malicious actors to gain authentication credentials for other users, excluding phishing attacks.
Cross-site scripting (XSS) or any other remote code injection vulnerabilities within the Microsoft Teams platform that may allow hackers to execute arbitrary code will earn security researchers a bounty sum of $10,000.
Another $10,000 bug bounty reward will be given for demonstration of privilege escalation vulnerabilities that can be exploited.
The tech giant is also offering general bounty awards for the Teams desktop app that lie beyond the scenario-based awards, with bounties scaling up to $15,000.