Microsoft patches up security hole in Xbox Live… Which was discovered by a five-year old

 

A five-year old boy discovered a glaring security hole in Xbox Live when he managed to log into his father’s Xbox One….Without guessing the password.

Yes, you heard that right, he logged into rather hacked into his father’s account without doing much.

 

You see, he had entered his password wrong when he tried to log into his father’s account. Due to this, the password verification screen appeared, where he pressed the space bar a few times. And it worked!

His father, working in computer security, was understandably overjoyed about his son’s finding.

How awesome is that!” he said. “Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.”

Kristoffer Von Hasse and his family reported the glaring bug to Microsoft which in return gave him $50, 4 games and a year-long subscription to Xbox Live.

And he got recognized as an Official Microsoft Security Researcher. While being five years old. How awesome is that?

However, it isn’t yet clear whether the bug applies to just when logging in through a Xbox One or when logging through all devices.

Looks like we will never know, since the bug has now been patched (Obviously).

In a statement, Microsoft said, “We’re always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.”

(ABC 10)

His father was spurred on by curiosity by his son’s finding and had asked him to repeat the feat while on video, reports San Diego’s KGTV.

What is interesting is that this isn’t Kristoffer’s first ‘no-efforts’ hack. He had been able to bypass the toddler lock screen on a cell phone by pressing down the home button when he was only one year old.

Seems like Kristoffer has hacker genes, right?

Sources: San Diego’s KGTV

 

Advertisements

What are your Thoughts? Speak your Mind!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s