Skip to main content
  1. Home
  2. Gaming
  3. News

Microsoft offers up to $20,000 to identify security vulnerabilities in Xbox Live

Georgina Torbet
By

When it comes to securing complex products, companies are increasingly turning to bug bounty programs to invite members of the public to find security vulnerabilities. Google’s bug bounty program handed out $6.5 million last year, and Apple recently expanded its program to cover macOS bugs as well as iOS bugs.

Now Microsoft is expanding its own bug bounty program from covering software like its Office suite and its Edge browser to also covering the Xbox Live network and services. The company will pay out rewards to anyone who can find and reproduce a security vulnerability in the Xbox Live system.

Recommended Videos

As announced in a Microsoft Security Response Center blog post, “The Xbox bounty program invites gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services, and share them with the Microsoft Xbox team through Coordinated Vulnerability Disclosure (CVD). Eligible submissions with a clear and concise proof of concept (POC) are eligible for awards up to US$20,000.”

Related

CVD is a policy in which researchers agree to disclose any vulnerabilities they find to the creators of the software (in this case, Microsoft) and allow the creators to manage further disclosure. Essentially, participants in the bug bounty program agree that they will turn over information about vulnerabilities to Microsoft and let Microsoft handle the closing of security loopholes and announcements to the public.

To register for the program, users must have an Xbox network account, and Microsoft recommends that they have access to an Xbox with an Xbox Game Pass or Xbox Gold as well. Once a user has identified a security vulnerability that can be reproduced in the latest, patched version of Xbox Live, they must report it in either written or video format.

Bounties range from $1,000 for a low-quality report of a vulnerability that allows tampering all the way up to $20,000 for a high-quality report of a critical vulnerability that enables remote code execution.

Denial of Service attacks are not part of the program and are prohibited, as are automated attacks that generate significant traffic. Social engineering attacks such as phishing are also not allowed.

More details about the details of the bug bounty program are available on the Microsoft website.

Editors' Recommendations

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Xbox Series X tips and tricks: how to set up your new console
Xbox Series X on a table.

There's no better feeling than booting up a new console and experiencing all the cool features and options available to you. On the flip side, some of the best parts of a console like the Xbox Series X are not automatically presented to you. You could just accept the system as it is and get used to it, but why ignore all the customization options and enhancements you could be enjoying with just a few tweaks?

We get that navigating a console's systems, especially if you're new to the ecosystem, can feel backwards and unintuitive to say the least. Rather than try and dig through layers of menus on your own, we've compiled a list of the best tips and tricks you should know about to get the most enjoyment out of your new Xbox Series X console.

Read more
The best Xbox exclusives of 2022: 6 Game Pass greats that saved Microsoft’s quiet year
Characters from Grounded stand in front of text that says 2022 Best Xbox Exclusives.

The Xbox Series X and Xbox Series S's second year on the market was rough. While the consoles continue to sell well and Xbox Game Pass is still a great deal, the delay of Redfall and Starfield into 2023 decimated the Xbox consoles' first-party 2022 lineup. While the lack of heavy-hitting AAA titles might initially make a list like this seem frivolous, Xbox Series X and Xbox Series S still had quite a few compelling exclusives.

Many of these games are highly experimental, pushing the boundaries of narratives in video games. All of the titles launched on Xbox Game Pass on day one, highlighting the strength of that subscription service. If you have an Xbox Game Pass subscription or are just wondering what 2022 Xbox exclusives are worth playing, these seven console exclusives stand out.
Immortality

Read more
Microsoft’s price hike on Xbox games will apply to PC, Steam
Redfall Cover

Microsoft confirmed to Digital Trends that the impending price increase on its first-party games will apply to its PC releases as well. The change will happen in 2023 and affect upcoming titles like Starfield, Redfall, and Forza Motorsport.

This morning, IGN reported that Microsoft will be raising the prices of Xbox Series X|S games from $60 to $70. Digital Trends asked Microsoft if this would also apply to the PC versions of its games. A Microsoft spokesperson said, "Yes, starting in 2023, our new, full-priced games will be $69.99 across console and PC storefronts. This price reflects the content, scale, and complexity of these titles, regardless of platform. These games will also be available on day one with Game Pass.”

Read more