Microsoft Offers up to $20,000 Bounty for Finding Xbox Live Bugs

Microsoft has joined other companies in asking people for help and offering rewards by finding and fixing problems they might potentially have in their consoles or games. In this note, they are offering bounties of up to $20,000 cold hard cash for anyone who joins the program.

On a statement issued earlier today, Microsoft mentioned that "The Xbox Bounty Program invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team," from their official website.

Eligibility of Submissions

Now to understand why they are doing this, it's because Microsoft's Xbox Live has never had a major hack to date so they want to keep it that way. The program is to uncover vulnerabilities they might have that could impact the security and safety of Microsoft's loyal fan base. Submissions must have these criteria in mind:

  • Identify any previously unreported vulnerabilities that are present in the patched version of Xbox Live network and services during the time of submission
  • Include clear, concise, and reproducible steps in writing or in video format.
    • Allows submission to be reviewed as promptly as possible and can tag you the chance of the highest bounty available.

If you need to see examples of how to write or make a video as to how to fix the issue you just cracked, click here now.

Money
pexels.com

Rating for Each Bounty

Tampering, Spoofing, Information Disclosure, and Security Feature Bypass could net you either $1,000, $2,000, or $5,000 depending on the severity of the find. Elevation of Privileges could give you an amount of $1,000 up to $8000 still depending on the issue if it's critical enough. Now, if you're here because you are aiming for that sweet $20,000 doubloons, you will need to find an issue about Remote Code Execution that could net you as low as $5,000, which rises to $20,000 depending on how critical the issues are.

Breadcrumbs to Start With

The following are examples of vulnerabilities that may lead to one or more of the above security impacts of Xbox Live:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Insecure direct object references
  • Insecure deserialization
  • Injection vulnerabilities
  • Server-side code execution
  • Significant security misconfiguration (when not caused by user)
  • Demonstrable exploits in third-party components

Other companies that ask for help from people to identify their issues are big names like Valve and Rockstar Games and Nintendo, just to name a few. This is a good thing since not only do companies that make your beloved games but also they ask the gaming community to help them as well to improve the services that gamers really use in day-to-day lives. So for all you tech-savvy readers out there, here's your chance to put your skills to the test and get that bounty that everyone is looking for!

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics