May 24, 2022

New Research Paper: Pre-hijacking Attacks on Web User Accounts

In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we […]
April 15, 2022

Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs

We are excited to announce the addition of scenario-based bounty awards to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program. Through these […]
April 6, 2022

On-Premises Servers Products are Here! Introducing the Applications and On-Premises Servers Bug Bounty Program

Microsoft is excited to announce the addition of Exchange on-premises, SharePoint on-premises, and Skype for Business on-premises to the Applications and On-Premises Servers Bounty Program.  Through […]
March 23, 2022

Exploring a New Class of Kernel Exploit Primitive

The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types […]