×

Registration

Profile Informations

Login Details

or login

First name is required!
Last name is required!
First name is not valid!
Last name is not valid!
This is not an email address!
Email address is required!
This email is already registered!
Password is required!
Enter a valid password!
Please enter 6 or more characters!
Please enter 16 or less characters!
Passwords are not same!
Terms and Conditions are required!
Email or Password is wrong!

Microsoft Launches Xbox Bounty Program Paying Out Up To $20,000

Xbox Series X

Microsoft has announced that it is launching a new Xbox Bounty Program that will pay gamers, security researchers, and tech fans globally for finding and reporting bugs. Bug bounty programs have been around for a long time and are an effort by companies to allow the public to uncover vulnerabilities in software and hardware to report them to the manufacturer rather than putting them on the black market (or using them personally for nefarious purposes). Microsoft says that the new Xbox bounty program requires the person finding a bug to share it with the Microsoft Xbox team via the Coordinated Vulnerability Disclosure or CVD.

Eligible submissions that have a clear and concise proof of concept are eligible for rewards up to $20,000, while the minimum offered bounty is $500. Microsoft says that bounties will be awarded at its discretion based on the severity and impact of the vulnerability and the quality of the submission. An eligible submission must meet the criteria below:

  • Identify a previously unreported vulnerability that reproduces in our latest, fully patched version of Xbox Live network and services at the time of submission.
  • Include clear, concise, and reproducible steps, either in writing or in video format.
  • This allows submissions to be reviewed as quickly as possible and supports the highest bounty awards.

Participating in the bounty program requires the user to have an Xbox network account, and Microsoft recommends using one or more test accounts to conduct vulnerability research. Access to an Xbox console isn’t required, but would be helpful. Microsoft also notes that access to Xbox Gold, Project xCloud, Xbox Game Pass, Xbox Game Pass for PC, or Xbox Game Pass Ultimate accounts would be helpful, but not required. No hardware or accounts will be given out for testing, and to earn the highest bounty of $20,000, users must demonstrate a remote code execution deemed "critical" severity.

In other Xbox news, earlier this month the next-gen Xbox Series X was seen in a leaked image exposing the rear ports of the console.

Go to Source