Microsoft has announced the launch of a new Bing AI bug bounty program, inviting security researchers worldwide to discover vulnerabilities in its AI-powered Bing experience. The program offers lucrative rewards ranging from $2,000 to $15,000 USD for qualified submissions.
The goal of the Microsoft AI bounty program is to uncover significant vulnerabilities in the new, innovative, AI-powered Bing experience that have a direct and demonstrable impact on the security of Microsoft’s customers. Vulnerability submissions must meet specific criteria to be eligible for bounty awards.
To be eligible for bounty awards, vulnerability submissions must identify a vulnerability in the AI-powered Bing that was not previously reported to, or otherwise known by, Microsoft. Such vulnerability must be Critical or Important severity as defined by the Microsoft Vulnerability Severity Classification for AI Systems and reproducible on the latest, fully patched version of the product or service.
In-Scope Services and Products
Vulnerabilities submitted in the following products are eligible under this bounty program:
- AI-powered Bing experiences on bing.com in Browser (All major vendors are supported, including Bing Chat, Bing Chat for Enterprise, and Bing Image Creator)
- AI-powered Bing integration in Microsoft Edge (Windows), including Bing Chat for Enterprise
- AI-powered Bing integration in the Microsoft Start Application (iOS and Android)
- AI-powered Bing integration in the Skype Mobile Application (iOS and Android)
Bing AI Bug Bounty Program: How to Get Started
If you are a researcher, you are requested to create a test account and test tenants for security testing and probing. You should follow the Research Rules of Engagement to avoid harm to customer data, privacy, and service availability. If in doubt, You can contact [email protected].
This initiative is part of Microsoft’s holistic strategy to protect customers from security threats. It values its partnership with the global security research community and is excited to expand its scope to include the AI-powered Bing experience