Microsoft is increasing payouts for its Copilot bug bounty program
The tech giant is expanding the Copilot bug bounty program to find flaws in the flagship AI tool
Microsoft has announced an expansion of its Copilot bug bounty program, boosting payouts and adding coverage of WhatsApp and Telegram tools.
The move comes after a set of flaws spotted by researchers in August would have allowed hackers to "confuse" Copilot into leaking confidential data, while a separate flaw spotted by Tenable could have allowed attackers to meddle with Copilot Studio to access data.
Such vulnerabilities in Copilot were spotted by researchers and addressed by Microsoft, rather than first found by hackers and put to use against customers — and that's exactly the way Microsoft would like it to work.
"We believe that collaboration with the security research community is essential to maintaining the integrity and security of our Copilot consumer products," wrote Lynn Miyashita and Madeline Eckert from the Microsoft bounty team in a blog post earlier this month.
Copilot bug bounty scheme eyes wider scope
Microsoft first unveiled a bug bounty program for Copilot in October 2023 for AI in Bing, later expanding it to include the wider suite of Copilot products and more recently to cover a wider range of flaws.
Now, the company is increasing the bounty award payments and the scope of the program, as well as more closely aligning the Copilot severity ratings with its existing online vulnerability classification system.
To start, the payouts of up to $5,000 will now extend to moderate vulnerabilities, which didn't earn a bounty previously; low severity flaws remain unpaid.
"We recognize that even moderate vulnerabilities can have significant implications for the security and reliability of our Copilot consumer products," the blog post added.
"To address this, we are introducing new incentives for moderate severity Copilot cases. Researchers who identify and report moderate severity vulnerabilities will now be eligible for bounty rewards up to $5,000."
Bounty awards now vary between $250 to $5,000 for moderate flaws, $1,000 to $20,000 for important flaws, and up to $30,000 for the most serious critical vulnerabilities. Microsoft notes that higher awards are possible.
Beyond the bounties, Microsoft is expanding the reach of Copilot for Telegram and Copilot for WhatsApp, as well as web access via copilot.microsoft.com and copilot.ai.
"This expansion provides researchers with more opportunities to contribute to the security of our Copilot ecosystem and helps us identify and mitigate potential vulnerabilities across a wider array of platforms," the blog post added.
Vulnerability classification
While the expanded bounties may catch the attention of researchers, Microsoft said the biggest change was the integration of the Microsoft Vulnerability Severity Classification for Online Services, otherwise known as the Online Services bug bar, following previous work with the AI version of that system.
RELATED WHITEPAPER
As part of the move, Microsoft aims to create a more consistent severity framework for vulnerabilities spotted in Copilot.
"By aligning with the Online Services Bug Bar, we ensure that all reported vulnerabilities are assessed with the same rigor and standards applied across Microsoft’s online services," the company said.
"This not only streamlines the evaluation process but also enhances the transparency and fairness of our bounty rewards."
MORE FROM ITPRO
-
Is your new hire an AI clone? Microsoft says North Korean hackers are using AI to impersonate job seekers and steal company secretsNews The groups are increasingly using face-changing or voice-changing software to make their fake identities more plausible
-
CrowdStrike says AI is officially supercharging cyber attacks: Average breakout times hit just 29 minutes in 2025, 65% faster than in 2024 – and some attacks take just secondsNews Cyber criminals are actively exploiting AI systems and injecting malicious prompts into legitimate generative AI tools
-
Using AI to generate passwords is a terrible idea, experts warnNews Researchers have warned the use of AI-generated passwords puts users and businesses at risk
-
Harnessing AI to secure the future of identityIndustry Insights Channel partners must lead on securing AI identities through governance and support
-
‘They are able to move fast now’: AI is expanding attack surfaces – and hackers are looking to reap the same rewards as enterprises with the technologyNews Potent new malware strains, faster attack times, and the rise of shadow AI are causing havoc
-
Microsoft patches six zero-days targeting Windows, Word, and more – here’s what you need to knowNews Patch Tuesday update targets large number of vulnerabilities already being used by attackers
-
CISA’s interim chief uploaded sensitive documents to a public version of ChatGPT – security experts explain why you should never do thatNews The incident at CISA raises yet more concerns about the rise of ‘shadow AI’ and data protection risks
-
AI is “forcing a fundamental shift” in data privacy and governanceNews Organizations are working to define and establish the governance structures they need to manage AI responsibly at scale – and budgets are going up
