xbox one controller11 -
xbox one controller11 -

A five-year-old boy from San Diego discovered a major security flaw in Microsoft's Xbox Live service that allowed him to sign into his dad's account without knowing his password, the BBC reports.

Kristoffer Von Hassel realised that he could bypass the Xbox One's security and log in to his dad's account simply by entering an incorrect password and filling the password verification screen with spaces.

"I was like yea!" Kristoffer told ABC 10 News, adding that he "got nervous" when he thought his father – who works for a computer security firm himself – would find out.

Microsoft is since said to have fixed the flaw.

"We're always listening to our customers and thank them for bringing issues to our attention," Microsoft said in a statement. "We take security seriously at Xbox and fixed the issue as soon as we learned about it."

To reward him for his discovery, Microsoft provided Kristoffer with four free games, $50 and a year's subscription to Xbox Live Gold.


New stuff to check out


To add your comment, please login or register

User Comments

OllyParky's Avatar


Jeez I wonder what else is flawed in Microsoft, can we all get free Microsoft Office by getting out cats to walk across a keyboard to enter a code!
Posted 17:17 on 06 April 2014


They just keep getting younger... god I sound old.
It's quite funny to see a massive global company exploited by a kid barely starting school. Reminds us all that big business at all that. Smart one too.
Posted 00:27 on 05 April 2014
AdesteFideles's Avatar


He will be joining Anonymous or the NSA by Monday.
Posted 16:03 on 04 April 2014
BritishWolf's Avatar


Clever boy
Posted 15:08 on 04 April 2014
View Full Site