Microsoft Xbox Bug Bounty Program Offers $20,000 Rewards To Researchers


Microsoft seems very serious about the vulnerability issues with its Xbox consoles. The company has announced a new bug bounty program for security researchers and to open public which will allow them to find critical bugs in the Xbox ecosystem. The bounty rewards will be decided depending on the impact of the vulnerability and the quality of report submitted by the researcher.

Microsoft Xbox Bug Bounty Program Offers $20,000 Rewards


"The Xbox Bounty Program invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team. Qualified submissions are eligible for bounty rewards of $500 to $20,000 USD," reads Microsoft blog post.

Companies like Apple, OnePlus, and others have already announced bug bounty programs in the past. Tech giants believe that this is a very effective and interesting way of finding critical bugs in their software and helps them to acknowledge the bug before anyone else can take advantage of it and break their software ecosystem.

Microsoft has introduced multiple tiers in this bug bounty program which acknowledge security impacts from RCET (Remote Code Execution Tampering). All the security impact comes with designated rewards depending on the high-risk factor of the vulnerability and reports quality.

To get qualify for an eligible submission, researches need to follow some important rules. First, they have to identify a bug which was not identified or reported in the past. The report should include clear instructions, consequences, and the steps to breach into the ecosystem. The report can be submitted in written or video format.

Microsoft suggests some of the example vulnerabilities which can lead bug hunter to find one or more security impact:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Insecure direct object references
  • Insecure deserialization
  • Injection vulnerabilities
  • Server-side code execution
  • Significant security misconfiguration
  • Using a component with known vulnerabilities


Most Read Articles
Best Mobiles in India

Read More About: microsoft xbox gaming news

Best Phones

Get Instant News Updates
Notification Settings X
Time Settings
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X
We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more