A five-year old boy discovered a glaring security hole in Xbox Live when he managed to log into his father’s Xbox One….Without guessing the password.
Yes, you heard that right, he logged into rather hacked into his father’s account without doing much.
You see, he had entered his password wrong when he tried to log into his father’s account. Due to this, the password verification screen appeared, where he pressed the space bar a few times. And it worked!
His father, working in computer security, was understandably overjoyed about his son’s finding.
How awesome is that!” he said. “Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.”
Kristoffer Von Hasse and his family reported the glaring bug to Microsoft which in return gave him $50, 4 games and a year-long subscription to Xbox Live.
And he got recognized as an Official Microsoft Security Researcher. While being five years old. How awesome is that?
However, it isn’t yet clear whether the bug applies to just when logging in through a Xbox One or when logging through all devices.
Looks like we will never know, since the bug has now been patched (Obviously).
In a statement, Microsoft said, “We’re always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.”
His father was spurred on by curiosity by his son’s finding and had asked him to repeat the feat while on video, reports San Diego’s KGTV.
What is interesting is that this isn’t Kristoffer’s first ‘no-efforts’ hack. He had been able to bypass the toddler lock screen on a cell phone by pressing down the home button when he was only one year old.
Seems like Kristoffer has hacker genes, right?
Sources: San Diego’s KGTV