Microsoft has introduced a fresh bug bounty initiative aimed at encouraging security researchers to uncover and report vulnerabilities within its AI-driven Bing services and applications. Under this program, rewards will range from $2,000 to $15,000, with the most substantial payouts reserved for the most severe vulnerabilities.
This endeavor aligns with Microsoft’s ongoing commitment to bolster the security of its AI systems, reflecting the company’s substantial investments in AI security research in recent years. The bug bounty program is viewed as a means to detect and address vulnerabilities that might otherwise remain undetected.
This program welcomes security researchers of all backgrounds and locations to participate, fostering inclusivity. Researchers can share their findings through the Microsoft Security Research Center (MSRC) portal.
The program encompasses AI-powered Bing services across various platforms, including bing.com in browsers, Microsoft Edge, Microsoft Start Application for iOS and Android, and the Skype Mobile Application for iOS and Android.
Microsoft has outlined specific eligibility criteria for bug submissions. To qualify for a reward, developers must report a novel, critical, or significant-severity bug that is previously unknown to Microsoft, accompanied by detailed steps to reproduce the issue.
In the past year, Microsoft has distributed more than $13 million in bounties to security researchers who have unearthed vulnerabilities in its products and services. The most substantial individual reward to date reached $200,000.
