• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
  • Hey Guest. Check out the NeoGAF 2.2 Update Thread for details on our new Giphy integration and other new features.

News Community Microsoft launches Xbox bug bounty program with rewards up to $ 20,000

Shin

Banned
Feb 4, 2013
5,865
4,532
995
The Xbox Bounty Program invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team. Qualified submissions are eligible for bounty rewards of $500 to $20,000 USD.

HOW ARE AWARD AMOUNTS SET?
Bounty awards range from $500 up to $20,000. Higher awards are possible, at Microsoft’s sole discretion, based on report quality and vulnerability impact. Researchers who provide submissions that do not qualify for bounty awards may still be eligible for public acknowledgment if their submission leads to a vulnerability fix.

Security ImpactReport QualitySeverity
CriticalImportantModerateLow
Remote Code ExecutionHigh
Medium
Low
$20,000
$15,000
$10,000
$15,000
$10,000
$5,000
N/AN/A
Elevation of PrivilegeHigh
Medium
Low
$ 8,000
$ 4,000
$ 3,000
$5,000
$2,000
$1,000
$0N/A
Security Feature BypassHigh
Medium
Low
N/A$5,000
$2,000
$1,000
$0N/A
Information DisclosureHigh
Medium
Low
N/A$5,000
$2,000
$1,000
$0$0
SpoofingHigh
Medium
Low
N/A$5,000
$2,000
$1,000
$0$0
TamperingHigh
Medium
Low
N/A$5,000
$2,000
$1,000
$0$0
Denial of ServiceHigh/LowOut of Scope


Source: https://www.microsoft.com/en-us/msrc/bounty-xbox

It makes sense with digital becoming more and more dominant and attacks happening frequently around the globe to get user data.
 

Three

Member
Oct 26, 2014
5,370
2,706
610
Sony should do the same. Especially after the horrendous PSN hack, where data of 77 MILLION has been stolen: https://www.theguardian.com/technology/2011/apr/26/playstation-network-hackers-data

😄 The shills are getting crazy
 

sn0man

Member
Nov 23, 2013
1,226
773
600
Xbox hadware bug: a disc-based console that requires a network connection for initial setup to play game discs.
 

Three

Member
Oct 26, 2014
5,370
2,706
610
What's crazy is calling someone a "shill" for pointing out a security incident that really happened.
It happened 8 years ago and he's linking to an article about it. What did an incident 8 years ago have to do with anything to even warrant a mention let alone link an old news article to it?

Reminds me of the crazies who drop mention some decade(s) old news (Iran flight 655 is a good example) due to some pent up allegiance and whataboutisms.

Those hacks happened almost a decade ago, security was improved and everyone moved on except the warriors. The suggestion of 'Sony should do this too' 9 years after is stupid.
 
Last edited:

Heinrich

Banned
Nov 26, 2016
390
583
360
It happened 8 years ago and he's linking to an article about it. What did an incident 8 years ago have to do with anything to even warrant a mention let alone link an old news article to it?

What does the launch of Xbox one, which was also a lot of years ago have to do with the launch of the series x?

he even created a FUCKING THREAD for this. A THREAD:



at least I only posted a comment.