Microsoft has silently patched a privilege-escalation flaw in Xbox 360 that would have let users run operating systems and other programs on the popular gaming console.
The software giant fixed the vulnerability on 7 Jan, according to an anonymous security advisory recently posted on SecurityFocus. The bug can grant privileged access to a state known as hypervisor mode. A hypervisor is software that runs on a hardware machine and manages one or more operating systems.
According to the advisory, all games and applications on Xbox normally run in non-privileged mode.
Security experts wondered if this opens the door for more gaming console hacks.
"Can an internet-connected games console be an interesting addition to the available systems for a botnet?" SANS Internet Storm Center handler Arrigo Triulzi asked readers today on the organisation’s blog. "Is it worth my while to develop a new engine and virus to go after the Xbox 360s? Probably not, there are still plenty of Windows systems which will do just fine."