Microsoft’s new AI bug bounty program; up to Rs 12 lakhs in rewards for finding a bug

New Delhi: Microsoft, a multinational technology company with headquarters in the United States, has introduced a bug bounty programme for artificial intelligence to find vulnerabilities in new AI-powered Bing services and associated applications. The initiative offers awards of up to USD 15,000 (around Rs 12,51,347).

The purpose of the initiative is to motivate academics from across the globe to identify flaws inside the Bing chatbot and AI integrations.

“The Microsoft AI bounty programme invites security researchers from across the globe to discover vulnerabilities in the new, innovative, AI-powered Bing experience. Qualified submissions are eligible for bounty rewards from $2,000 to $15,000,” in a statement on their company blog, Microsoft said.

Ready to hunt for bugs? 🐛💰

Microsoft’s new ‘bug bounty’ program offers up to $15,000 for finding vulnerabilities in its Bing AI products, including prompts that bypass set guardrails.

(Image credit: https://t.co/46eT7Tkz4w] pic.twitter.com/hb3TLU7Kzb

— Ramesh Dontha 🦉 (@EntrepreneursAI) October 14, 2023

The programme is available to all security researchers, irrespective of their prior experience or location. Through the portal provided by the Microsoft Security Research Center (MSRC), researchers can submit their results.

This programme is open to addressing vulnerabilities in a variety of AI-powered Bing integrations, including Bing Chat, Bing Chat for Enterprise, the Bing Image Creator on bing.com, the Bing integration in Microsoft Edge, the Microsoft Start Application, and the Skype Mobile Application for iOS and Android.

It should also be possible to reproduce the issue on the most recent fully patched version of the product or service. The applicants are required to offer detailed instructions on how to reproduce the issue.

Any security flaws that have been discovered in these integrations are eligible for prize consideration and may be submitted for consideration.

Additionally, the corporation disclosed the qualifications necessary to submit bugs for consideration.

In order to be eligible for a reward, the problem that was discovered must be new to Microsoft and of critical or significant severity, according to the Vulnerability Severity Classification for AI Systems that is provided by Microsoft.

AI-powered Bing experiences are now available on bing.com in the Browser, and all main vendors are supported.

when intern pushes code on production @Microsoft @bing #bug #Microsoft pic.twitter.com/GtVbUtsCyQ

— Rishv (@Rishv16) November 21, 2022

This vulnerability has to be of a severe or important severity, according to the Microsoft Vulnerability Severity Classification for AI Systems, and it needs to be able to be reproduced on the most recent version of the product or service that has all of its patches applied.

New Microsoft bug bounty program focuses on AI-powered Bing https://t.co/wATWmjwsFm #Security #Microsoft

— The Cyber Security Hub™ (@TheCyberSecHub) October 12, 2023

Microsoft announces the AI Bug Bounty Program to uncover vulnerabilities in Bing and AI integrations. Earn rewards up to $15,000 and contribute to a more secure digital landscape. #Microsoft #AI #Bing #BugBounty #SecurityResearchershttps://t.co/JuPiGezjVO

— Tech ‘N’ Spice (@technspice) October 14, 2023

Participants must be at least 14 years old to take part in this programme. For minors, authorization is required from a parent or legal guardian. With the help of this AI bounty programme, Microsoft hopes to discover serious vulnerabilities in AI-powered Bing and increase the company’s consumers’ sense of safety.

The business has also said that the objective of the AI bounty programme is to find major vulnerabilities in the brand-new, cutting-edge, AI-powered Bing experience. These flaws are supposed to have a direct and observable effect on the customers’ safety.