A five-year old Ocean Beach boy named Kristoffer Von Hassel received free stuff after finding out a Microsoft Xbox Live security flaw.
The security problem was discovered by Kristoffer?s parents when they noticed that he was not playing the family fave ?Minecraft? and instead his eyes were on the Xbox Live matured games that he was not supposed to be playing as those games could only be accessed through his father?s account.
Reports said, Robert Davies, Kristoffer?s father asked him how he was able to log in into his Xbox Live account and play games which he wasn’t supposed to play. Kristoffer showed his father that by simply typing the wrong password, then filling the password field?with spaces in the second password verification screen, he ?could access the account.
In a television interview with Davies who works in computer security, his reaction was, “How awesome is that! Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.?
Davies and Kristoffer reported the bug to Microsoft which was fixed quickly then rewarded the kid and acknowledged him as a security researcher.
“We’re always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it,? the company said in a statement.
The Microsoft Security Response Center (MSRC) included Kristoffer?s name in their ?Security Researcher Acknowledgments for Microsoft Online Services? for the month of March. MSRC wrote, ?The Microsoft Security Response Center (MSRC) is pleased to recognize the security researchers who have helped make Microsoft online services safer by finding and reporting security vulnerabilities.?
Kristoffer was rewarded with four free games, $50 (?30), and a year-long subscription to Xbox Live by Microsoft.