Particle.news

Download on the App Store

High School Junior Drives Microsoft Bug Bounty Reforms and Claims Third at Zero Day Quest

A high school junior balancing security research alongside his studies, he continues to deepen his partnership with Microsoft’s Security Response Center.

A split-screen image featuring a hooded figure with a glowing head and binary code, representing a hacker or cybersecurity concept, on the left. On the right is a photo of Microsoft’s glass-paneled corporate building with the company logo prominently displayed.
Image
Image
Dylan, a school student, has become one of Microsoft’s youngest and most celebrated security researchers, balancing studies and bug-hunting.

Overview

  • At age 13, Dylan responsibly reported a Microsoft Teams vulnerability that enabled group takeovers, marking his entry into collaboration with MSRC.
  • His disclosures prompted Microsoft to lower its Bug Bounty Program age limit to 13 and to expand its scope to include Authenticator Broker vulnerabilities.
  • Last summer he filed 20 vulnerability reports, a significant increase from his previous total of six submissions.
  • In April, Dylan secured third place at Microsoft’s Zero Day Quest in Redmond, ranking among the event’s top global researchers.
  • He maintains a prolific research output while managing coursework, Science Olympiad, math competitions, music and sports.