Microsoft puts a high price on the user experience that Xbox Live offers and now, the company is ready to put an actual price. Microsoft has announced earlier today that it is launching a new bug bounty program. The interesting thing about this program is that it focuses on the Xbox Live Network and all the services that it has to offer. If you think that you have discovered a security flaw in Xbox Live, then you should be pleased to know that Microsoft is offering rewards up to $20,000.
Xbox Live Bounty Program
The first thing that we want to mention about the Xbox Live bounty program is that Microsoft is not the first to come up with this unusual idea. Apple was actually one of the first tech giants to put a bounty on software bugs and the Cupertino based tech giant is awarding lots of money to security researchers who can bring proof of bugs.
Nonetheless, Microsoft is aiming to take care of all major security flaws in Xbox Live’s software. Do you know how to execute unauthorized code on Microsoft’s servers? You will be rewarded for that. However, we do need to mention that Microsoft is not looking for specific game bugs. This is not Microsoft’s concern.
The Rewards
Check out the list below to see what are the specific bugs that Microsoft is looking for and how much the company is willing to pay.
Security Impact | Report Quality | Severity | |||
| Critical | Important | Moderate | Low | ||
| Remote Code Execution | High Medium Low | $20,000 $15,000 $10,000 | $15,000 $10,000 $5,000 | N/A | N/A |
| Elevation of Privilege | High Medium Low | $ 8,000 $ 4,000 $ 3,000 | $5,000 $2,000 $1,000 | $0 | N/A |
| Security Feature Bypass | High Medium Low | N/A | $5,000 $2,000 $1,000 | $0 | N/A |
| Information Disclosure | High Medium Low | N/A | $5,000 $2,000 $1,000 | $0 | $0 |
| Spoofing | High Medium Low | N/A | $5,000 $2,000 $1,000 | $0 | $0 |
| Tampering | High Medium Low | N/A | $5,000 $2,000 $1,000 | $0 | $0 |
| Denial of Service | High/Low | Out of Scope |
