Home » News » Tech » If You Find a Bug in the Xbox Live Network, Microsoft Will Reward You Up to $20,000

If You Find a Bug in the Xbox Live Network, Microsoft Will Reward You Up to $20,000

Edited By:


Last Updated: February 01, 2020, 17:43 IST

Representative Image.

Representative Image.

The Microsoft Xbox Bug Bounty Programme states that the rewards can be even higher, depending on the flaw that is discovered.

Microsoft has announced its latest Bug Bounty Programme for its Xbox Live network. According to the company, the latest Bug Bounty Programme is being extended to all gamers, security researchers, coders and anyone really with the skills to find bugs in the Xbox Live framework. The rewards to be given out will range from $500 to $20,000, although Microsoft states that the reward can be even higher if the flaw discovered is critical enough in nature.

What Microsoft is looking from its Bug Bounty Programme are detailed, precise demonstrations, either in written or video form, of critical vulnerabilities. The highest rewards will be reserved for flaws such as escalation of privilege and remote code execution on the Xbox Live network. These must also include a clear proof of concept of the flaws, and the wide base of eligible users for the programme suggests that Microsoft is looking for its community to discover any critical vulnerability that its network may have.

Flaws such as bypassing security gateways, improper information disclosure or network tampering are also included in the Programme, but are limited to rewards of up to $5,000. However, a report by The Verge states that Microsoft is not looking for people to test DDoS attacks, social engineering or server-end vulnerabilities.

The Bug Bounty Programme comes ahead of the launch of Microsoft’s Xbox Series X console and the xCloud game streaming platform, both of which will run on the Microsoft Xbox Live network. The company has previously hosted similar Bug Bounty Programmes as well, most notably for its Windows 10 platform. Going forward, it will be interesting to see what critical vulnerabilities are discovered, and how big an impact does this have on its product.