Microsoft now pays up to $ 40,000 for some .NET weaknesses

Microsoft has expanded its .NET Bug Bounty Program and raised the prize of $ 40,000 for some .NET and ASP.NET core weaknesses.

Medaline Acurt, a senior program manager for researcher incentives and bounties at Microsoft, stated that the purpose of these changes is to more accurately reflect the complexity involved in the discovery and exploitation of thenet weaknesses.

“We are excited to announce a significant update for the Microsoft .NET Bounty program. Said Eckert.

“.NET Bunty Program now offers up to $ 40,000 USD for weaknesses affecting .NET and ASP.NET core (including Blazor and ASPIRE).”

From today, Microsoft will pay up to $ 40,000 for significant distance code execution and privilege escape safety defects, as well as $ 30,000 for significant security facility bypass, and up to $ 20,000 for significant remote refusal-service-bugs.

.NET Bug Bounty Program also expanded better .NET framework weaknesses, and it now includes:

All supported versions of .NET and ASP.NET,

Adjacent technologies such as F#,

The supported version of the Asp.net core for .NET framework,

Template provided with supported versions of .NET and Asp.net core,

Github actions in .NET and asp.net core repository.

Earlier this year, Microsoft raised the Bounty Awards for the AI weaknesses found in power platforms and Dynamics 365 services and products to $ 30,000.

In February, it announced the increased payment for 100% award multiplier for all Copillot Bounty Awards to encourage moderately Microsoft Copilot (AI) security defects and AI research.

During the last year’s Ignite annual conference, Microsoft also launched a hacking event on zero day quest, cloud and AI products and platforms and also launched a hacking event offering $ 4 million in awards.

These efforts are part of the company’s safe Future Initiative (SFI), a company-vision Cyber Security Engineering Scheme in November 2023, after a scathing report released by the Cyber Security Review Board of Homeland Security, which is. Stated Microsoft’s “security culture was insufficient and required an overhaul.”

Malware targeting password stores increased 3x as the attackers secretly carried out the perfect history landscape, infiltrated and exploited important systems.

Search for the top 10 Metter Att & CK techniques behind the 93% attacks and how to defend them.

What's Hot

Solar sail spacecraft can increase space warnings for about 60 minutes

Bitcoin price target $ 116,000 matches the major liquidity wall

5 of my favorite Linux System – Monitoring Tools – and why I use them

Gemini adds powerful new deep think models – what it does and who can try it

CTM360 Spot malicious ‘clicktok’ campaign targets Tiktok Shop users

How to infiltrate Linux system without leaving a trace

Microsoft’s new text editor is a VIM and Nano option

The best luxury car for buyers for the first time in 2025

Massives Datenleck in Cloud-Spichenn | CSO online

Most Popular

10,000 steps or Japanese walk? We ask experts if you should walk ahead or fast

FIFA Club World Cup Soccer: Stream Palmirus vs. Porto lives from anywhere

What do chatbott is careful about punctuation? I tested it with chat, Gemini and Cloud

Our Picks