Microsoft Patches Xbox Vulnerability Following Public Disclosure


Microsoft patches Xbox Gaming Services vulnerability CVE-2024-28916 after initially dismissing it, following public disclosure by researcher Filip Dragovic. The flaw, allowing local attackers to escalate privileges to System, prompted Dragovic to release a PoC exploit, leading to confirmation by cybersecurity expert Will Dormann and subsequent acknowledgment and patching by Microsoft. Uncertainty remains regarding bug bounty payout due to public disclosure prior to patch availability.

Read More…