All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services.

Microsoft now pays security researchers for finding critical vulnerabilities in any of its online services, regardless of whether the code was written by Microsoft or a third party.

According to Microsoft, a zero-day flaw is one that has been publicly disclosed or actively exploited while no official fix ...

Microsoft Corp. announced today that it is expanding its bug bounty program with a new policy that brings all of its online ...

Microsoft fixed over 50 security vulnerabilities with December's big Patch Tuesday. One of them is already being actively ...

Microsoft' 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day ...

KB5072033 addresses vulnerabilities across Windows systems and Office applications—including one actively exploited zero-day.

Microsoft is planning to deliver on October 1 to third-party software developers a set of technologies that will allow them to add code protection and activation mechanisms to their own software. When ...

Microsoft is intent on pushing the strengths of AI – as Windows 11 is firmly headed for a future of Copilot and various AI agents – and a fresh post on X is causing yet more controversy.

Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...

Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.