Microsoft announced a new bug bounty program on Thursday that will reward security researchers for finding and reporting vulnerabilities in its AI-powered Bing services and apps. The program will offer bounties ranging from $2,000 to $15,000, with the highest rewards reserved for the most critical vulnerabilities.
The new program is part of Microsoft’s ongoing efforts to improve the security of its AI systems. The company has been investing heavily in AI security research in recent years, and it believes that the bug bounty program will help to identify and fix vulnerabilities that might otherwise be missed.
The program is open to all security researchers, regardless of experience or location. Researchers can submit their findings through the Microsoft Security Research Center (MSRC) portal.
The following AI-powered Bing services are currently in scope for the bug bounty program:
• AI-powered Bing integration in Microsoft Edge (Windows), including Bing Chat for Enterprise
• AI-powered Bing integration in the Microsoft Start Application (iOS and Android)
• AI-powered Bing integration in the Skype Mobile Application (iOS and Android)
Microsoft also detailed eligibility criteria for bug submissions. To qualify for a bounty, developers must report a bug that is new to Microsoft and has a critical or important severity rating. They must also provide specific steps to recreate the bug.
In the past year, Microsoft has paid out over $13 million in bounties to security researchers who have found vulnerabilities in its products and services. The highest single bounty paid out was $200,000.
Related:
- Microsoft’s Latest AR Glasses Patent Reveals a Hot-Swappable Battery Design
- Microsoft to debut its first AI chip next month to reduce reliance on Nvidia
- Download the best GCam APK for OnePlus Nord CE 3 Lite 5G
- Google’s Complaint Against Microsoft Could Have Far-reaching Implications for Industry
- Microsoft, Google, and Apple among most exploited in 2022 zero-day vulnerabilities
