Microsoft sews XBox privilege vulnerability

By
Follow google news

Microsoft has silently patched a privilege-escalation flaw in Xbox 360 that would have let users run operating systems and other programs on the popular gaming console.


The software giant fixed the vulnerability on 7 January, according to an anonymous security advisoryrecently posted on SecurityFocus. The bug can grant privileged access to a state known as hypervisory mode. Hypervisor is software that runs on a hardware machine and manages one or more operating systems.

According to the advisory, all games and applications on Xbox normally run in non-privileged mode.

Security experts wondered if this opens the door for more gaming console hacks.

"Can an internet-connected games console be an interesting addition to the available systems for a botnet?" SANS Internet Storm Center handler Arrigo Triulzi asked readers today on the organisation’s blog.

"…Is it worth my while to develop a new engine and virus to go after the Xbox 360s? Probably not, there are still plenty of Windows systems which will do just fine."
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
microsoftprivilegesecurityvulnerabilityxbox

Sponsored Whitepapers

Uncomplicate IT Service Delivery with AI Agents
Uncomplicate IT Service Delivery with AI Agents
Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)

Events

Most Read Articles

WhatsApp unveils high-security mode

WhatsApp unveils high-security mode
NSW to overhaul state cyber emergency plan

NSW to overhaul state cyber emergency plan
Google busts giant IPIDEA residential proxy network

Google busts giant IPIDEA residential proxy network
Malware toolkit guarantees store approval for Chrome extensions

Malware toolkit guarantees store approval for Chrome extensions
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?