March 5, 2007 3:32 PM PST
Microsoft patches Xbox 360
The update corrects a problem with a tamper protection mechanism on the Xbox 360. Hackers had discovered a way to break through the shield and run their own software, including operating systems such as Linux, on the Microsoft game console.
Full details of the security vulnerability were disclosed last week in a posting to two widely read security mailing lists. The flaw was actually discovered in November, demonstrated at a hacker conference in December, and fixed by Microsoft in January, according to the posting by an anonymous hacker.
"Together with a method to inject data into non-privileged memory areas, this vulnerability allows an attacker with physical access to an Xbox 360 to run arbitrary code such as alternative operating systems with full privileges and full hardware access," the anonymous hacker wrote.
Microsoft confirmed the issue on Friday. "Microsoft has worked with the party that reported this issue and has already distributed a fix across our distribution methods, both online and offline," a company representative said in an e-mailed statement.
The update was pushed out via Xbox Live, Microsoft's online gaming service. Any game coming out after February 20 will ship with the fix, which is also available for download on the Xbox Web site, the representative said.
However, Microsoft doesn't describe the Xbox update as a security fix. Instead, on its Web site it lists an "operating system update" for download, without stating what the update does.
The Xbox and other game consoles have always been popular hacker targets. The challenge for hackers is to circumvent protections on the devices to run their own, so-called homebrew code on the device or load another operating system.
A whole market for Xbox cracks grew around the first version of the game console. Add-on chips for the Xbox--called "mod chips"--let consumers play pirated discs and other applications. In addition, some groups claimed they could run Linux on the Xbox.
12 commentsJoin the conversation! Add your comment