HT TECH wants to start sending you push notifications. Click allow to subscribe
Home Tech Tech News Indian boys, Vansh Devgan, Shivam Kumar Singh, win 15 lakh Microsoft bug bounty for unveiling big flaws

Indian boys, Vansh Devgan, Shivam Kumar Singh, win 15 lakh Microsoft bug bounty for unveiling big flaws

Microsoft bug bounty was won by 2 Indian boys, Vansh Devgan from Uttar Pradesh and Shivam Kumar Singh from Jharkhand, for discovering flaws in Microsoft Edge browser.

By: HT TECH
Updated on: Aug 21 2022, 18:33 IST
The 2 Indian boys, Vansh Devgan and Shivam Kumar Singh discovered a vulnerability in Microsoft Edge. They fixed the flaw and won the Microsoft bug bounty. (HackerOne/Instagram)

Two Indian boys, Vansh Devgan from Uttar Pradesh and Shivam Kumar Singh from Jharkhand, have won a huge bounty for discovering a bug in Microsoft edge browser. A vulnerability was found in the Microsoft Translator tool that is pre-installed in the Edge browser. Microsoft has rewarded $20,000 ( 15 lakh approx) to the duo for discovering the security flaws and reporting them to the company. The duo was awarded under Microsoft’s Edge on Chromium Bounty Program.

The Microsoft Edge vulnerability was discovered by two cyber security researchers - according to a report by Times of India. Shivam is a business owner, and also does part time bug bounty hunting. As for Vansh, he’s a cyber security enthusiast who has completed his third-year in B.Tech Computer Science from Lovely Professional University.

You may be interested in

Mobiles Tablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
₹148,900₹159,900
Buy now
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
₹115,999₹149,999
Buy now
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
₹106,998
Check details
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
₹87,900
Check details
27% OFF
Microsoft Surface Studio A1Y 00022
  • Platinum Silver
  • 16 GB LPDDR4X RAM
  • 512 GB SSD
₹179,990₹245,900
Buy now
6% OFF
Microsoft Surface Pro GWP 00001
  • Space Grey
  • 8 GB RAM
  • 256 GB SSD
₹94,799₹100,999
Buy now
28% OFF
Microsoft Surface Book KSR 00020
  • Platinum
  • 8 GB DDR3 RAM
  • 128 GB SSD
₹74,000₹102,990
Buy now
28% OFF
Microsoft Surface 3 V4G 00021
  • Platinum
  • 8 GB DDR4 RAM
  • 128 GB SSD
₹74,000₹102,990
Buy now
34% OFF
Xiaomi Pad 6
  • Mist Blue
  • 6 GB RAM
  • 128 GB Storage
₹26,299₹39,999
Buy now
55% OFF
Lenovo Tab M10 5G
  • Abyss Blue
  • 6 GB RAM
  • 128 GB Storage
₹20,999₹47,000
Buy now
32% OFF
Realme Pad 2
  • Imagination Grey
  • 6 GB RAM
  • 128 GB Storage
₹19,790₹28,999
Buy now
Honor Pad X9
  • Gray
  • 4 GB RAM
  • 128 GB Storage
₹14,999
Check details

The vulnerability has been identified as CVE-2021-34506, and Microsoft has fixed it with the latest update of Edge. Microsoft Edge users are advised to update the browser to the latest version 91.0.864.59. The security vulnerability can be activated when the language translation tool is used in Microsoft Edge. If users visit any website in Edge, and select the language translation tool then it could trigger an arbitrary code to perform anything. So it was quite easy to run arbitrary code since it only required turning on auto translate in Microsoft Edge.

Also Read
Amazon, Microsoft and the Seattle shakeout in remote work

“We created an profile on Facebook with name in different language and XSS payload and sent an friend request to victim (he is using Microsoft edge) as soon as he checks are profile he got hacked (SCC popup because of auto translation)”, Vansh was quoted as saying by TOI. Vansh and Shivam were able to bypass YouTube and the Windows Store app as well by exploiting this vulnerability.

Microsoft recently paid 20-year old ethical hacker Aditi Singh $30,000 ( 22 lakh approx) for discovering a bug in the Azure cloud system. Tt was a remote code execution (RCE) bug that Aditi discovered in Microsoft’s Azure cloud system.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on ,Twitter, Facebook, , and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 01 Jul, 10:12 IST
Tags:

Sale

Mobiles Tablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
₹148,900₹159,900
Buy now
13% OFF
Xiaomi 14
  • Matte Black
  • 12 GB RAM
  • 512 GB Storage
₹69,999₹79,999
Buy now
11% OFF
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
₹79,800₹89,900
Buy now
3% OFF
Samsung Galaxy Z Fold5
  • Icy Blue
  • 12 GB RAM
  • 256 GB Storage
₹154,999₹159,999
Buy now
57% OFF
Lenovo Tab M10 5G
  • Abyss Blue
  • 6 GB RAM
  • 128 GB Storage
₹19,999₹47,000
Buy now
38% OFF
Realme Pad 2
  • Imagination Grey
  • 6 GB RAM
  • 128 GB Storage
₹17,999₹28,999
Buy now
20% OFF
Samsung Galaxy Tab S9 5G 256GB
  • Graphite
  • 8 GB RAM
  • 256 GB Storage
₹88,400₹110,998
Buy now
38% OFF
realme Pad 2 WiFi
  • Imagination Grey
  • 6 GB RAM
  • 128 GB Storage
₹17,999₹28,999
Buy now
23% OFF
Infinix INBook X1 Neo XL22 Laptop Intel Celeron Quad Core 8 GB 256 GB SSD Windows 11
  • Blue
  • 4 GB RAM
  • 128 GB SSD
₹22,990₹29,990
Buy now
25% OFF
Asus TUF Gaming F15 FX506HF HN076W Laptop
  • Graphite Black
  • 16 GB RAM
  • 512 GB SSD
₹56,390₹74,990
Buy now
22% OFF
Asus ROG Strix G15 G513QC HN088TS Laptop
  • Black
  • 8 GB RAM
  • 1 TB SSD
₹70,990₹90,990
Buy now
30% OFF
Asus VivoBook S14 OLED S3402ZA KM502WS Laptop
  • Indie Black
  • 16 GB RAM
  • 512 GB SSD
₹64,990₹92,990
Buy now
NEXT ARTICLE BEGINS

Copyright © HT Media Limited
All rights reserved.