Microsoft received a big assist discovering a security flaw on its Xbox One from an unlikely source: a five-year-old boy.
San Diego television station KGTV reports
five-year-old Kristoffer Von Hassel uncovered a flaw that would allow
someone to log into a player's profile without their password.
flaw was discovered after Kristoffer's father found out he had been
playing inappropriate video games on the Xbox One. When his dad, Robert
Davies, asked him how he accessed the console, Kristoffer showed him the
Here's how it worked: After typing an incorrect
password, the console jumped to a password verification screen. After
typing the space keys a few times then hitting enter, Kristoffer was
able to access his father's Xbox Live account.
"Just being 5 years
old and being able to find a vulnerability and latch onto that. I
thought that was pretty cool," Davies tells KGTV.
the bug to Microsoft, and have since fixed the flaw, the company tells
KGTV in a statement. They also honored Kristoffer as a security researcher on their website, and sent a gift package including free games and a one-year Xbox Live subscription.