Here’s some recent articles related to both Microsoft’s policy on hackers and an earlier case in California. The most telling remarks is perhaps:

“I think the bottom line is that anybody that does disclosures of security vulnerabilities has to be very careful (so as to) not be accused of being a hacker,” Tien said. “The computer trespass laws are very, very tricky.” from “Breach Case Could Curtail Web Flaw Finders” in the Register.

The more recent article, entitled “Microsoft: Finding flaws on our website is OK” tells a different story, but as the referred to in the article, the area is still uncertain and this claim by one spokesperson runs counter to past behaviour.