2021-03-04 03:06:51
An Indian researcher Laxman Muthiyah has become the recipient of a $50,000 award by Microsoft under the company’s bug bounty program. Microsoft awarded the Indian researcher for spotting a vulnerability which could lead to someone’s Microsoft account getting hijacked.
As per Muthiyah, the vulnerability could “have allowed anyone to take over any Microsoft account without consent [or] permission.”
He had earlier found an Instagram rate limiting bug that could help hijack someone’s account. He then checked for the same vulnerability on Microsoft’s account.
Microsoft issued the award of $50,000 through the HackerOne bug bounty platform. The Redmond-based tech giant offers in between $1,500 and $100,000 for reporting bugs.
As per Muthiah, Microsoft was “quick in acknowledging the issue” once he reported it. He also says in a blog post that “The issue was patched in November 2020 and my case was assigned to different security impact than the one expected. I asked them to reconsider the security impact explaining my attack. After a few back and forth emails, my case was assigned to Elevation of Privilege (Involving Multi-factor Authentication Bypass). Due to the complexity of the attack, bug severity was assigned as important instead of critical.”
As per Muthiyah, the vulnerability could “have allowed anyone to take over any Microsoft account without consent [or] permission.”
He had earlier found an Instagram rate limiting bug that could help hijack someone’s account. He then checked for the same vulnerability on Microsoft’s account.
Microsoft issued the award of $50,000 through the HackerOne bug bounty platform. The Redmond-based tech giant offers in between $1,500 and $100,000 for reporting bugs.
As per Muthiah, Microsoft was “quick in acknowledging the issue” once he reported it. He also says in a blog post that “The issue was patched in November 2020 and my case was assigned to different security impact than the one expected. I asked them to reconsider the security impact explaining my attack. After a few back and forth emails, my case was assigned to Elevation of Privilege (Involving Multi-factor Authentication Bypass). Due to the complexity of the attack, bug severity was assigned as important instead of critical.”
Microsoft Account Takeover! 😊😇 Thank you very much @msftsecresponse for the bounty! 🙏🙏🙏Write up -… https://t.co/rJAaqZuFIQ
— Laxman Muthiyah (@LaxmanMuthiyah) 1614697686000
Lastly, Muthiah adds in the blog post: “I would like to thank Dan, Jarek and the entire MSRC Team for patiently listening to all my comments, providing updates and patching the issue. I also like to thank Microsoft for the bounty.”
tadalafil daily use generic tadalafil
buy tadalafil
usa pharmacy india: https://genericwdp.com/ generic pills without a doctor prescription
meds without a doctor prescription medications without a doctor’s prescription
where to buy viagra online buying viagra online
viagra amazon
buy viagra online usa п»їviagra pills
best over the counter viagra
buy real viagra online cost of viagra
viagra without a doctor prescription
where to buy propecia buy generic propecia
buy erection pills
how much is a valtrex prescription valtrex 500 cost
ed treatment
price of viagra https://viagrapills100.com/ order viagra online
viagra cost per pill https://viagrapills100.com/ viagra without a doctor prescription
ed pills online mens ed
buy ed pills from canada
cheap ed pills usa order ed pills
ed pills without a doctor prescription
prednisone 20 mg prices: generic prednisone – over the counter prednisone cream
zithromax online paypal: generic zithromax 500mg – zithromax 1000 mg online
plaquenil for arthritis: plaquenil price in india – hydroxychloroquine 90mg
https://zithromaxproff.com/# buy zithromax online fast shipping
zithromax 250 mg
http://zithromaxproff.com/# average cost of generic zithromax
buy zithromax canada
buy chloramphenicol generic: order doxycycline online
nitrofurantoin tablets
keftab online: nitrofurantoin online
buy ceftin online
united pharmacy india: generic pills india buy prescriptions from india pharmacy
online medications from india: india pharmacies shipping to usa india pharmacies shipping to usa
erectile pills canada: red erectile dysfunction pill viagra pills
canadian online pharmacy viagra viagra online without prescription viagra without prescription
non prescription viagra buying viagra online without prescription viagra without prescription