Gamasutra: The Art & Business of Making Gamesspacer
Microsoft patches Xbox Live security flaw found by 5-year-old
Microsoft patches Xbox Live security flaw found by 5-year-old
April 4, 2014 | By Alex Wawro




Newsbrief: ABC 10 reports that Microsoft has patched an Xbox Live security flaw which allowed a 5-year-old in San Diego, California to log into his father's account without knowing the password.

Earlier this year, Kristoffer Von Hassel's parents discovered that he was logging into his father's Xbox Live account and playing games without their permission.

Investigating further, Von Hassel's father -- a security researcher at ServiceNow -- discovered that his son had managed to access his account by entering the wrong password, then bypassing the ensuing password verification screen by submitting a "password" of blank spaces.

The family reported the vulnerability to Microsoft. Microsoft responded by fixing the security flaw, acknowledging Kristoffer in the company's March 2014 list of security researchers, and giving the Von Hassel family $50, four Xbox One games and a year of Xbox Live Gold membership.

"We're always listening to our customers and thank them for bringing issues to our attention," a Microsoft representative said in a statement to ABC 10. "We take security seriously at Xbox and fixed the issue as soon as we learned about it."


Related Jobs

Playful Corp
Playful Corp — McKinney, Texas, United States
[06.27.17]

Senior Engineer
Treyarch
Treyarch — Santa Monica, California, United States
[06.27.17]

Senior Lighting Artist
Disruptor Beam
Disruptor Beam — FRAMINGHAM, Massachusetts, United States
[06.27.17]

Associate Product Manager
Hidden Monster Games
Hidden Monster Games — Amsterdam, Netherlands
[06.27.17]

Senior JavaScript game developer









Loading Comments

loader image