Flaw allows Xbox 360 to be hijacked
Last Updated: Thursday, March 1, 2007 | 5:38 PM ET

A "critical" vulnerability in Microsoft's Xbox 360 video game console could let an attacker run unauthorized software on machines that haven't been fixed, according to an advisory issued Wednesday.

In order to exploit the vulnerability that could let a malicious individual seize control of an Xbox 360, the attacker would need physical access to the machine.

The report says the flaw was disclosed to Microsoft on Jan. 3 and the company released a fix for the problem on Jan. 9, which would have been downloaded over the internet to affected systems connected to Microsoft's Xbox Live network.

"Microsoft has completed the investigation into the public claims of a vulnerability in Xbox 360 … and has already distributed a fix across our distribution methods, both online and offline," John Rodman, senior product manager for the Xbox global platform team told CBC News Online in an e-mailed statement on Thursday.

He noted that people without access to the Xbox Live online network could download the patch to a computer and burn it on to a DVD or CD.

The fix and instructions on how to obtain and install it are published on the operating system software update page on the Xbox.com website.

The flaw is in a piece of the Xbox's security software known as the hypervisor, which controls access to the system's memory and manages encryption and decryption functions.
Cryptographic key

In contrast, software such as games and other programs must be "signed" with Microsoft's cryptographic key to run on the machine and — unlike hypervisor — run in a so-called non-privileged mode.

The weakness in the hypervisor would effectively allow an attacker's software to run on the system with full privileges and access to the Xbox 360 hardware.

Microsoft said they had sold 10.4 million Xbox 360s worldwide by early January.

Word of the bug, rated "critical" in its severity, was distributed on the BugTraq computer security discussion list by an individual identifying him or herself only as Anonymous Hacker.

According to the report, the flaw was discovered on Oct. 31, 2006, and an attempt to contact Microsoft about the problem was made on Dec. 15, 2006.

A public demonstration of the vulnerability was made at the 23C3 Hacker Congress hosted by the Chaos Computer Club in Berlin, Germany, on Dec. 30, 2006.

All consoles with a kernel, or core, of the Xbox 360's operating system prior to version 4532, released on Oct. 31, 2006, are affected. The fix issued on Jan. 9 was for kernel version 4552.

Microsoft patch stops Linux on Xbox 360

6 March 2007

Joris Evers

Microsoft has quietly released a fix for a security vulnerability that could let Xbox 360 owners run their own applications or operating systems on the console.

The update corrects a problem with a tamper-protection mechanism on the Xbox 360. Hackers had discovered a way to break through the shield and run their own software, including operating systems such as Linux, on the games console.

Full details of the security vulnerability were disclosed last week in a posting to two widely read security mailing lists. The flaw was actually discovered in November, demonstrated at a hacker conference in December, and fixed by Microsoft in January, according to the posting by an anonymous hacker.

"Together with a method to inject data into non-privileged memory areas, this vulnerability allows an attacker with physical access to an Xbox 360 to run arbitrary code such as alternative operating systems with full privileges and full hardware access," the anonymous hacker wrote.

Microsoft confirmed the issue on Friday. "Microsoft has worked with the party that reported this issue and has already distributed a fix across our distribution methods, both online and offline," a company representative said in an emailed statement.

The update was pushed out via Xbox Live, Microsoft's online gaming service. It is also available for download on the Xbox Web site, the representative said. However, Microsoft doesn't describe the Xbox update as a security fix. Instead, on its Web site it lists an "operating system update" for download, without stating what the update does.

The Xbox and other game consoles have always been popular hacker targets. The challenge for hackers is to circumvent protections on the devices to run their own, so-called homebrew code on the device or load another operating system.

A whole market for Xbox cracks grew around the first version of the game console. Add-on chips for the Xbox -- called 'mod chips' -- let consumers play pirated discs and other applications. In addition, some groups claimed they could run Linux on the Xbox.