News Karnataka
Friday, March 29 2024
Cricket
Science & Technology

Microsoft fixes Xbox bug as demand for new gaming consoles surge

Photo Credit :

New Delhi: As the company struggles to meet to surge in demand for new Xbox Series gaming consoles, Microsoft has patched a bug in the Xbox website that could have allowed hackers to link usernames to the real email addresses.

After users log in, the Xbox Enforcement site creates a cookie file in their browser with details about their web session, so they won’t have to re-authenticate the next time they visit the site again.

“This portal’s cookie file contained an Xbox user ID (XUID) field that was unencrypted,” reports ZDNet quoting Joseph ‘Doc’ Harris, one of the several security researchers who reported the issue to Microsoft this year.

Harris edited the XUID field and replaced it with the XUID of a test account he had created and had used for testing as part of the Xbox bug bounty programme.

The vulnerability was reported to Microsoft through Xbox bug bounty programme.

“Tried replacing the cookie value and refreshing, and suddenly I was able to see other [users’] emails,” Harris was quoted as saying.

Microsoft has announced the release of Xbox Series X and S as its biggest Xbox launch ever, though it did not provide any specific sales figures.

Although the company did not classify the Xbox bug for monetary rewards, it could have allowed threat actors to link any Xbox gamer tag to a gamer’s real email address.

Owing to the huge demand, Xbox Series X and Series S consoles are projected to be in short supply until at least April next year.

 

Share this:
MANY DROPS MAKE AN OCEAN
Support NewsKarnataka's quality independent journalism with a small contribution.

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

To get the latest news on WhatsApp