Microsoft will give award of up to $20,000 for finding security vulnerabilities in Xbox Live


Microsoft announced an award of up to $20,000 for finding the security vulnerabilities in its Xbox Live. Microsoft is inviting gamers and security researchers from around the world to find out vulnerabilities in the company’s gaming platform. If anyone is able to find vulnerabilities in Xbox Live, Microsoft will give award up to $20K.

This way Microsoft is testing the security of their gaming platform which is being used by millions of users around the world. This will also help company to strengthening security of the service and find out any bug in its system.

Currently over more than 64 million+ gamers are using this platform for playing games around the world.

Earlier Microsoft announced the similar bug bounty for several of its products including Windows, Office, Azure and others. Now the Xbox Bounty Program is announced by the company which will award the gamers and security researchers for finding bugs.

The company is inviting experts to be part of the Xbox Bounty Program. Microsoft will offer awards ranging between $500 to $20,000 for identifying the security bugs in Xbox Live service.

The prize money give by the company depends on the severity and impact of the discovered vulnerability. This means the company will pay more for discovering top security vulnerability.

Microsoft laid down the specifications for this bounty program and this is only applicable for the finding  “Important” and “Critical” vulnerabilities. Bugs which that enable remote code execution attacks, privilege escalation, bypassing security features, information disclosure, spoofing, and tampering; will be part of the specs of the program. If anyone finds such bugs, the company will award for finding such issues.

If anyone discovers the important bug but does not qualify for a bounty award, Microsoft will still give recognition in the form of public acknowledgment.

Interested persons may enrol in the program by signup on the Xbox network. They may create multiple accounts for the purpose of conducting research.