News

« News Home

Microsoft thanks five-year-old for finding Xbox security flaw

by Steve Watts, shacknews.com, Apr 4, 2014 12:30PM PDT

A boy in California has earned some free games after finding an Xbox Live security vulnerability that even Microsoft itself missed. Kristoffer Von Hassel, a five-year-old boy, found a way to access games through his father's Xbox Live account without knowing the password.

San Diego's KGTV (via IGN) reports that Von Hassel found that if he typed an incorrect password into the account, it took him to a password verification screen. If he then put in space keys and hit enter, he could access games as if he were his father. Microsoft has since patched the vulnerability.

Kristoffer's father, Robert Davies, noticed when he saw his son playing games that were supposed to be off-limits. Davies himself works in computer security, and after sussing out what his son had done, he reported the problem to Microsoft. As a token of appreciation, Kristoffer will get a year of Xbox Live, four free games, and $50--which to a five-year-old might as well be infinite money.