01 Feb 2020
Flag bugs in Xbox, win up to Rs. 14 lakh
After Google and Apple, Microsoft is also doubling down on the security of its products.
The company has launched a new bug bounty program promising rewards up to Rs. 14 lakh (maybe even more in some cases) to anyone who flags critical security vulnerabilities in the Xbox system.
Here's all you need to know about the effort.
Program to learn about Xbox Live network flaws
Through the new program, Microsoft is hoping to incentivize and motivate people for discovering and reporting critical security flaws in the Xbox Live network and services on time.
Chloé Brown, the Security Program Manager of the Redmond giant, said the program is open to basically anyone with the skills to find issues, including gamers, researchers, white hat hackers, and technologists around the world.
Rewards up to Rs. 14 lakh
Per Microsoft, the rewards handed out will range between Rs. 35,000 and Rs. 14 lakh - depending on report quality and the severity of the vulnerability in question.
The biggest payouts will be given away if you flag vulnerabilities revolving around critical remote code execution or elevation of privileges, while smaller issues like security bypass/spoofing/tampering will get you rewards up to Rs. 3.5 lakh.
Higher rewards can be also given
Although the maximum reward is restricted up to Rs. 14 lakh, there is a chance of higher payouts as well. However, Microsoft will decide that, based on the report quality and vulnerability impact.
Also, it is worth noting that if a bug report doesn't qualify for a reward but leads to a vulnerability fix, the researcher will get public acknowledgment from the company.
How to submit a bug report?
If you have flagged a vulnerability, you would need to submit a detailed write-up or video demonstration of the issue and a proof-of-concept.
In case the vulnerability report qualifies and results in a security fix, Microsoft's team will get back to you.
This will eventually make Xbox Live network more secure
Eventually, the bug bounty program will let Microsoft patch the flaws of Xbox Live network before they are exploited, and create a more secure platform for the gamers.
To note, the move from the company comes just as it gears up for the launch of Xbox Series X console and xCloud game streaming service - both of which operate on the network.