Microsoft bug bounty expands to critical flaws across online services
Security Tool/Service
Summary
Hide ▲
Show ▼
Microsoft expanded its bug bounty program to pay for critical vulnerabilities that directly affect any of its online services, increasing incentives to surface flaws before attackers exploit them. The program now covers issues in Microsoft, third-party, and open-source code when they impact those services. New services are now in scope as soon as they are released, widening coverage across Microsoft's online footprint.
Related Happenings
Rising critical Microsoft vulnerabilities across Windows, Azure, Dynamics 365, and Office
Target Trend
First: 19.05.2026 17:00
Last: 19.05.2026 17:00
Sources 1
About this happening:
Microsoft’s vulnerability volume stayed broadly stable, but **critical flaws** doubled year over year across **Windows, Azure, Dynamics 365, and Office**, increasing the likelihoo...
Rising critical Microsoft vulnerabilities across Windows, Azure, Dynamics 365, and Office
Target TrendAbout this happening: Microsoft’s vulnerability volume stayed broadly stable, but **critical flaws** doubled year over year across **Windows, Azure, Dynamics 365, and Office**, increasing the likelihoo...
Microsoft May 2026 Patch Tuesday release
Security Patch Release
First: 13.05.2026 13:36
Last: 13.05.2026 13:36
Sources 1
About this happening:
Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Microsoft May 2026 Patch Tuesday release
Security Patch ReleaseAbout this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Microsoft security patch release for CVE-2026-41089
Security Patch Release
First: 13.05.2026 00:46
Last: 13.05.2026 00:46
Sources 1
About this happening:
**Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Microsoft security patch release for CVE-2026-41089
Security Patch ReleaseAbout this happening: **Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Microsoft May 2026 Patch Tuesday (120 flaws)
Security Patch Release
First: 12.05.2026 21:08
Last: 12.05.2026 21:08
Sources 1
About this happening:
**Microsoft** released its **May 2026 Patch Tuesday** updates, fixing **120 flaws** and disclosing **no zero-days**. The bundle includes **17 Critical** vulnerabilities, with mult...
Microsoft May 2026 Patch Tuesday (120 flaws)
Security Patch ReleaseAbout this happening: **Microsoft** released its **May 2026 Patch Tuesday** updates, fixing **120 flaws** and disclosing **no zero-days**. The bundle includes **17 Critical** vulnerabilities, with mult...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Timeline
-
11.12.2025 18:00 2 articles · 5mo ago
Microsoft expands bug bounty coverage for critical service-impacting vulnerabilities
Initial DisclosureMicrosoft expanded its bug bounty program to pay security researchers for critical vulnerabilities with a direct, demonstrable impact on Microsoft online services, including issues in third-party and open-source dependencies. New services are now in scope as soon as they are released, broadening coverage across Microsoft's online service footprint.
Show sources
- Microsoft bounty program now includes any flaw impacting its services — www.bleepingcomputer.com — 11.12.2025 18:00
- Microsoft bounty program now includes any flaw impacting its services — www.bleepingcomputer.com — 11.12.2025 18:00