Software // Enterprise Applications
News
3/6/2007
03:14 PM
Connect Directly
RSS
E-Mail
50%
50%

Hack Is No Game: Microsoft Patches Xbox Bug

Microsoft quietly fixed an Xbox 360 bug that allowed a user to bypass security and run their own applications or operating systems on the console.

Researchers have found a flaw in Xbox 360 that enables users to run their own applications or other operating systems on the gaming console.

The good news it that Microsoft quietly fixed the flaw with a patch that came out in January.

The patch, which was released on Jan. 7, fixes a problem in a security mechanism that allows hackers to break through the barrier and run their own software with full access and privileges. The privilege escalation vulnerability was classified as "critical" in a BugTraq advisory posting. The advisory was posted by an anonymous hacker.

"Can an Internet-connected games console be an interesting addition to the available systems for a botnet?" asks Arrigo Triulzi, a handler at the SAN's Internet Storm Center, in a blog post. "Difficult question to answer trivially: there are many parameters to the game On the one side you have low-latency, high-speed DSL lines favored by gamers, but on the other side you have a totally novel operating system which you have to develop for, not to mention the connection time of these systems. What are the chances of a games console being left on 24-by-7 compared to a home PC on a DSL link? So we are probably back to the old story of 'return on investment.' Is it worth my while to develop a new engine and virus to go after the Xbox 360s? Probably not. There are still plenty of Windows systems which will do just fine."

The update was pushed out via Xbox Live, Microsoft's online gaming service. It also can be downloaded off the Xbox Web site.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - September 17, 2014
It doesn't matter whether your e-commerce D-Day is Black Friday, tax day, or some random Thursday when a post goes viral. Your websites need to be ready.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.