14.2 C
Tuesday, May 14, 2024
HomeNewsTechnologyIndian techie’s bug alert wins Rs 36 lakh from Microsoft

Indian techie’s bug alert wins Rs 36 lakh from Microsoft

Related stories

J&K police release list of seized assets used for terrorism

Jammu, Feb 16 : The police in Jammu and...

Israel says 4 mln citizens vaccinated against Covid-19

Jerusalem, Feb 17 : Israeli officials announced that some...

Hungary to receive first shipment of Chinese vaccines

Beijing, Feb 17 : A Hungarian cargo plane loaded...

Chennai, March 3 : Microsoft has awarded a Chennai-based security researcher $50,000 (approximately Rs 36 lakh) for spotting vulnerability on the company’s online services that “might have allowed anyone to takeover any Microsoft account without consent”.
After assessing his report, the Microsoft security team patched the issue and rewarded him $50,000 as a part of their Identity Bounty Program, security researcher Laxman Muthiyah wrote in a blog post on Tuesday.
Muthiyah earlier won bug bounty from Facebook for finding a similar account takeover vulnerability in Instagram.
“I found Microsoft is also using the similar technique to reset user’s password so I decided to test them for any rate limiting vulnerability,” he said.
Muthiyah explained that to reset a Microsoft account’s password, users need to enter email address or phone number in their forgot password page. After that they will be asked to select the email or mobile number that can be used to receive the security code.
Once they receive the 7-digit security code, they will have to enter it to reset the password.


- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories