Microsoft has launched this year’s Zero Day Quest, a global security challenge that it calls the largest hacking event in history.
The tech giant is offering up to $5 million in bug bounty rewards, focusing on finding security flaws in cloud services and AI technologies.
Last year, Microsoft offered $4 million in prizes, resulting in over 600 vulnerability reports. The company paid out $1.6 million to ethical hackers who helped uncover issues in products like Azure and Microsoft 365. This year’s contest raises the stakes even higher.
The competition runs from August 4 to October 4, 2025, and is open to all security researchers around the world. Microsoft is encouraging participation by offering a 50% bonus for reports of critical vulnerabilities and high-impact security issues in platforms like:
- Microsoft Azure
- Copilot (AI tools)
- Dynamics 365
- Power Platform
- Microsoft 365
- Microsoft Identity Services
If a vulnerability qualifies for more than one bonus, the higher reward will apply.
Top researchers will be invited to a live hacking event at Microsoft’s headquarters in Spring 2026, where they’ll work directly with Microsoft’s security teams.
To support participants, Microsoft will also offer training sessions led by its AI Red Team, Microsoft Security Response Center (MSRC), and Dynamics 365 security experts. These will cover AI security testing, bug bounty processes, and ethical hacking best practices.
This contest is part of Microsoft’s Secure Future Initiative (SFI), which began in 2023. The program was launched in response to a U.S. government review that criticized Microsoft’s past security practices and called for serious improvements. Microsoft says the knowledge gained from Zero Day Quest will be used internally to strengthen cloud and AI security and will be shared publicly through the CVE database, even when no customer action is required.
Microsoft also recently announced:
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
- Up to $40,000 reward for .NET and ASP.NET Core vulnerabilities
- Up to $30,000 for Power Platform and Dynamics 365 AI flaws
- Double rewards (100% bonus) for all security issues reported in Microsoft Copilot
With the expanded rewards and deeper focus on AI and cloud security, Microsoft is aiming to boost transparency and build stronger defenses in its products through collaboration with the ethical hacking community.
