GitHub Copilot Billing Bug Fix Drains Developer Credits

GitHub Copilot subscribers received an unexpected message this week: please reduce your usage. The reason was not a new pricing policy — it was a bug fix that punished the wrong people. Microsoft quietly corrected a token-counting error (tokens are the units of text that AI tools consume — roughly 4 characters each) that had been silently giving developers more compute than their plans allowed, and the correction left monthly allowances draining far faster than expected — a painful disruption for teams that have built AI automation workflows around Copilot's output.

The story matters beyond one billing glitch: it reveals how quickly enterprise AI tools can erode trust when transparency lags behind technical decisions. And it landed the same week that Fortinet disclosed two critical vulnerabilities in its sandbox security product — adding pressure on IT teams already managing an expanding AI attack surface.

GitHub Copilot's Silent Credit Windfall — and How It Ended

GitHub Copilot runs on a subscription model where each code generation or suggestion consumes a portion of a monthly token allowance (a pre-set limit on how much the AI can generate for you per billing cycle). For months, a counting bug was miscalculating how many tokens each interaction actually consumed — logging fewer than the real number used.

The practical effect: every Copilot subscriber was quietly getting more value out of their plan than the pricing model intended. For an individual developer, this might mean a few extra days of usage each month. For enterprise teams running 50 or 100 developers through Copilot simultaneously, the difference was substantial — and completely invisible.

• Bug discovered: approximately 1 month before Microsoft notified customers
• Duration of undercounting: unknown — Microsoft has not disclosed a start date
• Affected tiers: all Copilot plans using token-based billing
• Average per-subscriber impact: not publicly disclosed

The bug was not uncovered by a customer — it was caught internally. Microsoft knew about the miscounting for an entire month before notifying subscribers. During that period, developers built workflows, set productivity targets, and made renewal decisions based on usage data that Microsoft already knew was wrong.

How the Bug Fix Triggered a GitHub Copilot Billing Revolt

When Microsoft corrected the token-counting algorithm, subscribers felt it immediately. Monthly credit balances — which had previously lasted through full billing cycles — began depleting days ahead of schedule. The fix corrected the math but penalised the people who had adapted to the miscounted limits.

The sequence of events made the customer revolt worse than it needed to be:

1. Microsoft discovers the token-counting bug internally
2. One full month passes — no customer notification
3. Bug fix deployed with no prior warning — faster depletion starts immediately
4. Customers are then asked to reduce usage to ease server strain from the sudden shift

The Register's Thomas Claburn captured the frustration precisely: the repair of a bug that undercounted token usage led directly to the rapid exhaustion of subscription allowances. In standard cloud service incident management, vendors are expected to notify customers of billing-affecting bugs within days — not a month. The 30-day gap between internal discovery and customer disclosure is what transformed a routine technical correction into a trust incident.

For individual developers on personal plans, the impact is inconvenience — hitting daily limits earlier on heavy coding sessions. For enterprise customers who locked in annual contracts based on expected usage patterns, it raises a harder question: were those contracts priced on accurate data? Understanding a tool's real billing mechanics is critical before signing anything long-term — the AI tools guide at aiforautomation.io covers what to verify before committing to an enterprise plan.

Fortinet FortiSandbox Critical Flaws — A Security Tool With Its Own Security Hole

The same week, Fortinet disclosed two critical vulnerabilities (flaws rated at the highest severity level, meaning attackers require no credentials or user interaction to exploit them) in its FortiSandbox product. FortiSandbox is an enterprise tool designed to analyse suspicious files, emails, and URLs in a controlled environment — essentially a virtual quarantine zone where dangerous code can be safely detonated before it touches live systems.

The irony is sharp: a product built to catch dangerous code now has flaws that let attackers run dangerous code on it. Specifically, the 2 vulnerabilities allow:

• Authentication bypass: attackers gain full access without any login credentials — completely skipping the security gate that should protect the system
• Remote code execution via HTTP: once past the login screen, an attacker can execute any command on the server using a standard web request — no specialist tools, no insider access required

As of the public disclosure, no active exploitation of the 2 Fortinet flaws has been confirmed. But security researchers treat critical authentication-bypass vulnerabilities in security appliances as high-priority targets. An attacker who compromises a sandbox can observe exactly what a security team flags as suspicious — potentially learning how to build malware that evades future detection. This technique, known as security tool reconnaissance (studying a defender's tools to reverse-engineer their blind spots), is a documented real-world attacker strategy.

Who Needs to Act Now on FortiSandbox Vulnerabilities

Organisations running FortiSandbox in environments reachable from untrusted networks — particularly if the management interface is exposed to the public internet — carry the highest immediate risk. Fortinet has not yet disclosed a patch timeline or official workarounds. Until a patch is released, security teams should:

• Verify whether the FortiSandbox management interface is internet-accessible
• Restrict access via firewall rules to known, trusted IP ranges only
• Monitor Fortinet's PSIRT advisories (Product Security Incident Response Team — the official source for patch and vulnerability notices) for patch availability
• Review HTTP access logs targeting the sandbox for unusual activity patterns

AI Automation Tools and the Enterprise Trust Gap in 2026

Both stories share a common thread: enterprise software that organisations now depend on for either productivity or security revealed operational gaps this week that should not exist at their scale and price point. GitHub Copilot is the dominant AI coding assistant — used by hundreds of thousands of enterprise developers worldwide. Fortinet is a top-5 network security vendor by revenue. Neither is a startup working through early-stage issues.

The Copilot billing situation also exposes a structural tension in how AI tools charge for usage. Unlike traditional SaaS tools (software sold at a flat rate per user per month), AI tools bill by consumption — which fluctuates widely, is often invisible to end users in real time, and is now apparently subject to miscounting at scale. As vibe coding and AI automation become standard in enterprise development, usage patterns grow harder to predict and easier to underestimate. Until vendors invest in transparent, real-time usage dashboards with proactive billing alerts, enterprise buyers are making financial and capacity decisions with incomplete data. Teams evaluating AI automation tools for the first time can use the AI tools setup guide at aiforautomation.io to establish billing baselines before signing contracts.

If you use GitHub Copilot, open your billing dashboard today and compare actual token consumption over the past 30 days against your current subscription tier. If your team relies on FortiSandbox, treat the patch as a critical priority the moment Fortinet releases it, and apply network isolation in the meantime. Both situations are manageable — but both reward teams that act in the next 48 hours over those that wait for a follow-up email from the vendor.

Related Content — Get Started | Guides | More News