Microsoft Launches an Xbox Bounty Program

MakeUseOf

By Dave Parrack

Published Jan 31, 2020

Microsoft has launched an Xbox Bounty Program to find and squash bugs in the Xbox network. With rewards worth up to $20,000.

Microsoft has launched an Xbox Bounty Program designed to find and squash bugs in the Xbox network. And if you can find a vulnerability, whether by actively hinting for one or by stumbling across one, you can claim a reward worth up to $20,000.

Find a Bug and Earn (Potentially) Big Money

Bug bounty programs are everywhere, and can pay out big money. The bigger the vulnerability, the higher the reward, but even the minimum payouts are worthwhile. So, finding vulnerabilities in the products and services you use can earn you pocket money.

Microsoft already has a number of bounty programs actively seeking out vulnerabilities in the company's products and services. Including the Windows operating system, Office, and Edge. And now, for the first time, Microsoft has launched an Xbox Bounty Program.

How Microsoft's Xbox Bounty Program Works

In a post on the Microsoft Security Response Center, Microsoft explains that the program is for "gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services".

Anyone who finds a vulnerability needs to share it with the Microsoft Xbox team through "Coordinated Vulnerability Disclosure (CVD)." Bugs need to be submitted using the MSRC Submission portal and follow Microsoft's submission guidelines.

Submissions are eligible for rewards of between $500 and $20,000. Bounties will be "awarded at Microsoft’s discretion based on the severity and impact of the vulnerability and the quality of the submission." So, be sure to follow the Microsoft Bounty T&Cs.

The highest rewards are reserved for finding proof of a remote code execution or an elevation of privilege. Other bugs included are security feature bypasses, spoofing, and tampering. Some issues, such as denial of service, are listed as "Out of Scope".

Other Bug Bounty Programs Worth Exploring

The Xbox Bounty Program is just the latest in a long line of bounty programs. And Microsoft is just one of the many big companies involved. With that in mind, we have previously listed some awesome bug bounty programs worth exploring.

Image Credit: Constantin Wiedemann/Flickr