Microsoft has significantly updated its Copilot AI bug bounty program, offering larger rewards and expanding its scope to cover a wider range of products and services.
The program now includes integrations with messaging platforms like Telegram and WhatsApp, alongside the domains copilot.microsoft.com and copilot.ai.
Researchers can earn up to $5,000 for moderate-severity vulnerabilities and as much as $30,000 for critical flaws. These changes reflect Microsoft’s broader push to secure its AI ecosystem as reliance on artificial intelligence in consumer and enterprise tools grows.
The expansion follows similar enhancements to Microsoft’s previous bug bounty programs, including its Bing Chat bug bounty program, launched in 2023, which targeted vulnerabilities in GPT-4-powered AI tools. By extending its scope to new products like messaging integrations, Microsoft is emphasizing the importance of safeguarding its AI-driven applications against emerging threats.
Similarly, the Defender bug bounty program incentivized researchers to address weaknesses in Microsoft Defender products, with rewards ranging from $500 to $20,000 depending on severity.
Higher Rewards for Moderate-Severity Flaws
For the first time, Microsoft has introduced rewards for moderate-severity vulnerabilities, which it had not prioritized in previous iterations of the program.
In its official announcement, Microsoft stated, “Researchers who identify and report moderate severity vulnerabilities will now be eligible for bounty rewards up to $5,000.” This update reflects the company’s acknowledgment of how even less severe issues can compromise the reliability and safety of its AI tools.
Critical vulnerabilities, such as inference manipulation in AI models, continue to be rewarded with payouts of up to $30,000, while lower-severity flaws—like cross-site scripting (XSS) and improper input validation—can earn researchers smaller rewards starting at $250.
This tiered system incentivizes contributions from a broader range of experts and helps Microsoft address risks at multiple levels.
Expanding the Copilot Ecosystem
The Copilot AI suite now spans multiple platforms and services, with features integrated into applications used by millions of consumers daily. The inclusion of Telegram and WhatsApp integrations signals Microsoft’s intent to address potential vulnerabilities in widely adopted messaging tools, which are becoming increasingly reliant on AI.
These additions complement existing bounty targets such as Copilot for Edge, Windows, and Bing’s AI-powered search.
Microsoft’s commitment to AI security is evident across its broader product portfolio. For example, the company expanded the Microsoft 365 Bounty Program to include tools like Viva Pulse and Learning, offering rewards of up to $27,000 for critical flaws. These consistent updates reflect the company’s focus on improving security across its evolving AI-driven ecosystem.
A Focus on Security Standards
Microsoft’s expanded bug bounty program integrates its Online Services Bug Bar and AI Bug Bar frameworks. These tools provide researchers with clear criteria for evaluating and reporting vulnerabilities, ensuring a consistent and transparent assessment process.
The Online Services Bug Bar outlines standards for categorizing vulnerabilities across Microsoft’s online platforms, while the AI Bug Bar focuses specifically on risks unique to artificial intelligence, such as model inference manipulation.
The adoption of these frameworks in the Copilot program is aimed at simplifying the reporting process for researchers and standardizing how Microsoft addresses vulnerabilities across its services. By aligning its efforts with these established guidelines, Microsoft demonstrates its commitment to collaborating effectively with the security community.
Broader Security Initiatives
The updates to the Copilot bounty program are part of Microsoft’s larger Secure Future Initiative (SFI), launched in 2023 to overhaul its cybersecurity practices. This initiative followed a report by the U.S. Department of Homeland Security’s Cyber Safety Review Board, which criticized the company’s security culture and recommended significant reforms.
In response, Microsoft introduced a series of measures, including the Zero Day Quest, a hacking event offering $4 million in rewards to researchers targeting vulnerabilities in cloud and AI systems.
Efforts like SFI highlight the company’s proactive stance in addressing security concerns. By extending its bounty programs to include moderate-severity vulnerabilities and expanding the scope to new products, Microsoft signals a willingness to adapt to evolving threats in the AI space.
