Indian boys, Vansh Devgan, Shivam Kumar Singh, win ₹15 lakh Microsoft bug bounty for unveiling big flaws | Tech News
Home Tech Tech News Indian boys, Vansh Devgan, Shivam Kumar Singh, win 15 lakh Microsoft bug bounty for unveiling big flaws

Indian boys, Vansh Devgan, Shivam Kumar Singh, win 15 lakh Microsoft bug bounty for unveiling big flaws

Microsoft bug bounty was won by 2 Indian boys, Vansh Devgan from Uttar Pradesh and Shivam Kumar Singh from Jharkhand, for discovering flaws in Microsoft Edge browser.

By: HT TECH
| Updated on: Aug 21 2022, 18:33 IST
Icon
The 2 Indian boys, Vansh Devgan and Shivam Kumar Singh discovered a vulnerability in Microsoft Edge. They fixed the flaw and won the Microsoft bug bounty.
The 2 Indian boys, Vansh Devgan and Shivam Kumar Singh discovered a vulnerability in Microsoft Edge. They fixed the flaw and won the Microsoft bug bounty. (HackerOne/Instagram)
The 2 Indian boys, Vansh Devgan and Shivam Kumar Singh discovered a vulnerability in Microsoft Edge. They fixed the flaw and won the Microsoft bug bounty.
The 2 Indian boys, Vansh Devgan and Shivam Kumar Singh discovered a vulnerability in Microsoft Edge. They fixed the flaw and won the Microsoft bug bounty. (HackerOne/Instagram)

Two Indian boys, Vansh Devgan from Uttar Pradesh and Shivam Kumar Singh from Jharkhand, have won a huge bounty for discovering a bug in Microsoft edge browser. A vulnerability was found in the Microsoft Translator tool that is pre-installed in the Edge browser. Microsoft has rewarded $20,000 ( 15 lakh approx) to the duo for discovering the security flaws and reporting them to the company. The duo was awarded under Microsoft's Edge on Chromium Bounty Program.

The Microsoft Edge vulnerability was discovered by two cyber security researchers - according to a report by Times of India. Shivam is a business owner, and also does part time bug bounty hunting. As for Vansh, he's a cyber security enthusiast who has completed his third-year in B.Tech Computer Science from Lovely Professional University.

The vulnerability has been identified as CVE-2021-34506, and Microsoft has fixed it with the latest update of Edge. Microsoft Edge users are advised to update the browser to the latest version 91.0.864.59. The security vulnerability can be activated when the language translation tool is used in Microsoft Edge. If users visit any website in Edge, and select the language translation tool then it could trigger an arbitrary code to perform anything. So it was quite easy to run arbitrary code since it only required turning on auto translate in Microsoft Edge.

“We created an profile on Facebook with name in different language and XSS payload and sent an friend request to victim (he is using Microsoft edge) as soon as he checks are profile he got hacked (SCC popup because of auto translation)”, Vansh was quoted as saying by TOI. Vansh and Shivam were able to bypass YouTube and the Windows Store app as well by exploiting this vulnerability.

Microsoft recently paid 20-year old ethical hacker Aditi Singh $30,000 ( 22 lakh approx) for discovering a bug in the Azure cloud system. Tt was a remote code execution (RCE) bug that Aditi discovered in Microsoft's Azure cloud system.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 01 Jul, 10:12 IST
Trending: jiocinema unveils pocket-friendly premium plans for ad-free 4k streaming how to change whatsapp font style and font size in chat window beware! your whatsapp account can be hacked easily; here’s how this cybcercrime works apple ceo tim cook teases ‘pencil 3’ along with new ipads ahead of may 7 special event whatsapp is one step closer to replacing regular phone calls with this new feature how to restore whatsapp chat history on android: check tips and tricks ipad air 2024 launch: better camera, mini-led display and what more to expect from apple get netflix, amazon prime, disney + hotstar and jio tv for free! just do this use of whatsapp plus, gb whatsapp got your whatsapp account banned? here is how to fix it did facebook really change its logo? see if you can spot the difference
NEXT ARTICLE BEGINS

Tips & Tricks

WhatsApp banned
WhatsApp banned my number. What’s the solution? Step-by-step guide to ‘unban’ your account
Consider Tonnage
Don't forget these 5 things while buying ACs online
Productivity
Otter AI: How to use this AI meeting assistant app to automatically take notes, transcripts, more
Pixel 8 Pro's Pro
Know how to master Pro Controls on the Google Pixel 8 Pro - check top 4 tips
ChatGPT Plus
How to edit images generated by DALL-E in ChatGPT: Step-by-step guide

Editor’s Pick

Digi Yatra
Digi Yatra users, delete the old app right now- Here’s how to download the new app and use it at airports
iPhone 15
iPhone 16 leaks summarised: Colours, A-series chip and what more to expect from Apple in 2024
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
HDFC Bank alerts about a few common ‘bad habits’ of smartphone users that make it easy for them to fall prey to hacking attempts and scams.
Online scams: 5 habits of smartphone users that make life easy for hackers, warns HDFC Bank
Moto Edge 50 Pro
Motorola Edge 50 Pro review: Should you buy this new AI smartphone under 35,000?

Trending Stories

Dbrand
MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
GTA_6
GTA 6 leaks: What we know so far about Grand Theft Auto 6
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
Google Vids
Google Vids- All details about this new AI video app and how to use it
iPhone 13
Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
keep up with tech

Gaming

GTA 6 trailer rumoured to be bringing a narrative twist by showing events in reverse- All details
GTA 6 trailer rumoured to be bringing a narrative twist by showing events in reverse- All details
Garena Free Fire MAX Redeem Codes for April 26
Garena Free Fire MAX Redeem Codes for April 26: Claim the Flaming Hollowface Bundle now
Garena Free Fire Redeem Codes for April 26
Garena Free Fire Redeem Codes for April 26: Faded Wheel event is here, check rewards
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
PS5 update adds Community Game Help feature; Now get community-generated hints for supported games
PS5 update adds Community Game Help feature; Now get community-generated hints for supported games

Best Deals For You

Honor 90
5 best smartphones for your eyes: Xiaomi 13, Honor 90 to Motorola Edge Plus, check list
Innovative Neckband
Unix launches UX-2000 Retro: The ultimate wireless neckband with customizable voices
Redmi 13C 5G
Top 7 Redmi phones under 12000: From Redmi 13C to Redmi A2 - Know them all
360 Home Security Camera 2K
Valentine's Day Gift Ideas: Great options available in Xiaomi's gadget collection - check it out
PlayStation 5
5 best gaming consoles to buy right now: PlayStation 5, Xbox Series X and more

    Trending News

    MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
    Dbrand
    GTA 6 leaks: What we know so far about Grand Theft Auto 6
    GTA_6
    10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
    STScI-01HFQ5YXZ04PF608HQB0KRTF3S
    Google Vids- All details about this new AI video app and how to use it
    Google Vids
    Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
    iPhone 13

    Trending Gadgets

    Mobiles Laptops Tablets