Microsoft is offering big money if you can hack Teams

Bounty program will soon extend to other apps as well

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoft’s Security Response Center (MSRC) has announced a new bounty program for any ethical hackers able to unearth vulnerabilities inMicrosoft Teams.

Like all major software vendors, Microsoft operates a number of bug bounty programs that offer rewards to external developers for highlighting shortcomings in its apps. Th enewMicrosoft Applications Bounty programis specifically designed to identify security gaffes in the apps such as the Team desktop client.

Microsoft Teams has rapidly grown over the past year to become one of the most importantonline collaborationplatforms around as remote working grew in response to the Covid-19 pandemic.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

“Microsoft and security researchers across the planet continue to partner to help secure customers and the technologies we use for remote collaboration,” says Lynn Miyashita, Program Manager, MSRC.

Bounties up to $30,000

Miyashita adds that the new bounty program is an extension of the existing efforts to ensure the security of the app.

The program’s goal is to uncover significant technical vulnerabilities that Microsoft says should have a demonstrable and direct impact on the security of the users of the Teams desktop client. The program offers bounties ranging from $500 to $30,000.

MSRC has identified five critical scenarios that do the maximum damage, and vulnerabilities affecting those start at $6000. Vulnerabilities outside the purview of these five scenarios pay between $500 and $15000.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While the Teams desktop client is currently the only application that’s listed under the new Applications Bounty program, Miyashita says that they’ll soon expand the scope of the program to include other apps as well.

The news comes shortly after Microsoft  announced a host of new security features for Teams, including limited end-to-end encryption (E2EE) functionality. This additional protection will be available to paying users and will initially apply to one-on-one meetings only, although Microsoft has hinted that E2EE will be extended to other meeting types further down the line.

Rival video conferencing serviceZoomfound itself in hot water at the start of pandemic, when it emerged that claims its meeting participants were protected byfull end-to-end encryptionwere unfounded.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’