Microsoft will pay up to $20,000 to people who find problems with Xbox Live as part of new bug bounty programme

Gamers will receive top prize for most dangerous issues

Attendees walk under the Microsoft Xbox One logo on the final day of the E3 Electronic Entertainment Expo, in Los Angeles, California June 13, 2013
Attendees walk under the Microsoft Xbox One logo on the final day of the E3 Electronic Entertainment Expo, in Los Angeles, California June 13, 2013

Microsoft has launched a new programme that will pay up to $20,000 to people who find problems with Xbox Live.

The Xbox bounty programme aims to identify security vulnerabilities in the online gaming service so they can be fixed. It will do so by offering an incentive to people who find them and inform Microsoft, rather than exploiting them themselves.

The biggest payouts will go to gamers and security researchers who find issues that could be exploited in the most damaging ways, such as those that allow hackers access to the central parts of the Xbox. Those who find smaller bugs may only receive $500.

The launch of the Xbox bounty programme comes as Microsoft gears up for the launch of Xbox One X and the xCloud online streaming service. Both of those will be run on Xbox Live, and so the bounty programme will continue as those new consoles and services launch.

Unlike some other bug bounty programmes, Microsoft is explicitly targeting "gamers" and asking them to see if they can find issues. As such, the company is asking for detailed submissions from anyone trying to score the $20,000.

Anyone reporting a bug will have to send a "a clear and concise proof of concept", such as a video demonstrating the issue and how it can be exploited.

Microsoft will continue to work to find bugs on its own, as it has until now, it said.

"The bounty program supplements our existing investments in security development and testing to uncover and remediate vulnerabilities which have a direct and demonstrable impact on the security of Xbox customers," wrote Chloé Brown from Microsoft's security team.

"Public bounty programmes are a valuable approach which combine with ongoing internal testing, private programs and knowledge shared by partners to produce a secure ecosystem to play in."

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in