{"id":3493,"date":"2025-04-24T10:05:47","date_gmt":"2025-04-24T10:05:47","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/04\/24\/microsoft-to-offer-rewards-up-to-30000-for-ai-vulnerabilities\/"},"modified":"2025-04-24T10:05:47","modified_gmt":"2025-04-24T10:05:47","slug":"microsoft-to-offer-rewards-up-to-30000-for-ai-vulnerabilities","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/04\/24\/microsoft-to-offer-rewards-up-to-30000-for-ai-vulnerabilities\/","title":{"rendered":"Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities"},"content":{"rendered":"<p>Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities<\/p>\n<div>\n<p>Microsoft has launched an expanded bug bounty program offering rewards of up to $30,000 for researchers who identify critical vulnerabilities in AI systems within its Dynamics 365 and Power Platform products.\u00a0<\/p>\n<p>The initiative, announced by Microsoft Security Response, aims to strengthen security in enterprise AI by incentivizing ethical hackers to uncover potential weaknesses before malicious actors can exploit them.<\/p>\n<h2 class=\"wp-block-heading\"><strong>AI Security Classification Framework<\/strong><\/h2>\n<p>The program leverages Microsoft\u2019s newly developed Vulnerability Severity Classification for AI Systems, which categorizes AI-specific security risks into three primary vulnerability types:<\/p>\n<p>This category addresses vulnerabilities that could be exploited to manipulate a model\u2019s response to individual inference requests without modifying the model itself. 
Key vulnerability types include:<\/p>\n<p><strong>Prompt Injection: <\/strong>Attacks where injected instructions cause the model to generate unintended output, potentially allowing attackers to exfiltrate user data or perform privileged actions.\u00a0<\/p>\n<p>Critical severity prompt injections requiring no user interaction can earn the highest bounties.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">We&#8217;re now offering bounty awards up to $30,000 for AI vulnerabilities in Dynamics 365 and Power Platform.<\/p>\n<p>Eligible vulnerability types are defined in the Microsoft Vulnerability Severity Classification for AI Systems (<a href=\"https:\/\/t.co\/UN5rJtLwBM\">https:\/\/t.co\/UN5rJtLwBM<\/a>) and include:<br \/>\u2022 Inference\u2026<\/p>\n<p>\u2014 Security Response (@msftsecresponse) <a href=\"https:\/\/twitter.com\/msftsecresponse\/status\/1915107803242561674?ref_src=twsrc%5Etfw\">April 23, 2025<\/a>\n<\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p><strong>Input Perturbation:<\/strong> Vulnerabilities where attackers perturb valid inputs to produce incorrect outputs, also known as model evasion or adversarial examples.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Model Manipulation<\/strong><\/h2>\n<p>These vulnerabilities target the training phase of AI systems, including:<\/p>\n<p><strong>Model Poisoning:<\/strong> Attacks where the model architecture, training code, hyperparameters, or training data are tampered with.<\/p>\n<p><strong>Data Poisoning:<\/strong> When attackers add poisoned data records to datasets used to train or fine-tune models, potentially introducing backdoors that can be triggered by specific inputs.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Inferential Information Disclosure<\/strong><\/h2>\n<p>This category encompasses vulnerabilities that could expose sensitive information about the model\u2019s training data, architecture, or weights:<\/p>\n<ul class=\"wp-block-list\">\n<li>\n<strong>Membership Inference: <\/strong>The ability to determine whether specific data records were part of the model\u2019s training data.<\/li>\n<li>\n<strong>Attribute Inference:<\/strong> Techniques to infer sensitive attributes of records used in training.<\/li>\n<li>\n<strong>Training Data Reconstruction:<\/strong> Methods to reconstruct individual data records from the training dataset.<\/li>\n<li>\n<strong>Model Stealing: <\/strong>Attacks that allow the creation of functionally equivalent copies of target models using only inference responses.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\"><strong>Reward Structure and Eligibility<\/strong><\/h2>\n<p>Bounty awards range from $500 to $30,000, with the highest rewards reserved for critical severity vulnerabilities accompanied by high-quality reports.\u00a0<\/p>\n<p>The program specifically targets AI integrations in PowerApps, model-driven applications, Dataverse, AI Builder, and Microsoft Copilot Studio.<\/p>\n<p>The severity classification system considers both the vulnerability type and the security impact, with the highest rewards for vulnerabilities that could allow attackers to exfiltrate another user\u2019s data or perform privileged actions without user interaction.<\/p>\n<p>Security researchers interested in participating can begin by signing up for free trials of Dynamics 365 or Power Platform services.<\/p>\n<p>Microsoft provides detailed documentation for each product to assist researchers in understanding the systems they\u2019re testing.<\/p>\n<p>Microsoft\u2019s Security Response team <a href=\"https:\/\/www.microsoft.com\/en-us\/msrc\/aibugbar\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">announced<\/a>, \u201cYour research could help us strengthen the security of 
enterprise AI.\u201d<\/p>\n<p>The program forms part of Microsoft\u2019s broader security initiative, which includes bounty programs for various Microsoft products and services.\u00a0<\/p>\n<p>All submissions are reviewed for bounty eligibility, and researchers are recognized even when their submissions don\u2019t qualify for monetary rewards but lead to security improvements.<\/p>\n<p>Through this initiative, Microsoft continues to emphasize collaborative security efforts as AI integration deepens across its enterprise solutions.<\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/microsoft-rewards-ai-vulnerabilities\/\">Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p>Guru Baran<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities Microsoft has launched an expanded bug bounty program offering rewards of up to $30,000 for researchers who identify critical vulnerabilities in AI systems within its Dynamics 365 and Power Platform products.\u00a0 The initiative, announced by Microsoft Security Response, aims to strengthen security 
in enterprise AI [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-3493","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/3493"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=3493"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/3493\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=3493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=3493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=3493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}