Software // Enterprise Applications
03:14 PM
Connect Directly
Repost This

Hack Is No Game: Microsoft Patches Xbox Bug

Microsoft quietly fixed an Xbox 360 bug that allowed a user to bypass security and run their own applications or operating systems on the console.

Researchers have found a flaw in Xbox 360 that enables users to run their own applications or other operating systems on the gaming console.

The good news it that Microsoft quietly fixed the flaw with a patch that came out in January.

The patch, which was released on Jan. 7, fixes a problem in a security mechanism that allows hackers to break through the barrier and run their own software with full access and privileges. The privilege escalation vulnerability was classified as "critical" in a BugTraq advisory posting. The advisory was posted by an anonymous hacker.

"Can an Internet-connected games console be an interesting addition to the available systems for a botnet?" asks Arrigo Triulzi, a handler at the SAN's Internet Storm Center, in a blog post. "Difficult question to answer trivially: there are many parameters to the game On the one side you have low-latency, high-speed DSL lines favored by gamers, but on the other side you have a totally novel operating system which you have to develop for, not to mention the connection time of these systems. What are the chances of a games console being left on 24-by-7 compared to a home PC on a DSL link? So we are probably back to the old story of 'return on investment.' Is it worth my while to develop a new engine and virus to go after the Xbox 360s? Probably not. There are still plenty of Windows systems which will do just fine."

The update was pushed out via Xbox Live, Microsoft's online gaming service. It also can be downloaded off the Xbox Web site.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.