
    Microsoft Xbox Bug Bounty Program Offers $20,000 Rewards To Researchers


    Microsoft seems very serious about the vulnerability issues with its Xbox consoles. The company has announced a new bug bounty program, open to security researchers and the general public, which invites them to find critical bugs in the Xbox ecosystem. The bounty rewards will be decided depending on the impact of the vulnerability and the quality of the report submitted by the researcher.


    "The Xbox Bounty Program invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team. Qualified submissions are eligible for bounty rewards of $500 to $20,000 USD," reads Microsoft's blog post.

    Companies like Apple, OnePlus, and others have already announced bug bounty programs in the past. Tech giants believe that this is a very effective and interesting way of finding critical bugs in their software, and that it helps them acknowledge a bug before anyone else can take advantage of it and break their software ecosystem.

    Microsoft has introduced multiple tiers in this bug bounty program which acknowledge security impacts from RCET (Remote Code Execution Tampering). Each security impact comes with designated rewards depending on the high-risk factor of the vulnerability and the quality of the report.

    To qualify for an eligible submission, researchers need to follow some important rules. First, they have to identify a bug which was not identified or reported in the past. The report should include clear instructions, consequences, and the steps to breach the ecosystem. The report can be submitted in written or video format.

    Microsoft suggests some example vulnerabilities which can lead a bug hunter to find one or more security impacts:

    • Cross-site scripting (XSS)
    • Cross-site request forgery (CSRF)
    • Insecure direct object references
    • Insecure deserialization
    • Injection vulnerabilities
    • Server-side code execution
    • Significant security misconfiguration
    • Using a component with known vulnerabilities

    Story first published: Saturday, February 1, 2020, 8:00 [IST]
