Kristoffer Von Hassel, a 5-year-old boy from San Diego who worked out a security vulnerability on Microsoft’s Xbox Live service, has been officially thanked by the company.
Kristoffer Von Hassel figured out how to log in to his father’s account without the right password.
Microsoft has fixed the flaw, and added Kristoffer Von Hassel to its list of recognized security researchers.
In an interview with local news station KGTV, Kristoffer Von Hassel said: “I was like yea!”
The boy worked out that entering the wrong password into the log-in screen would bring up a second password verification screen.
Kristoffer Von Hassel discovered that if he simply pressed the space bar to fill up the password field, the system would let him in to his father’s account.
“I got nervous. I thought he was going to find out,” Kristoffer Von Hassel told television station, KGTV.
“I thought someone was going to steal the Xbox.”
His father, Robert Von Hassel – who works in security – sent details of the flaw to Microsoft.
In a statement, Microsoft said: “We’re always listening to our customers and thank them for bringing issues to our attention.
“We take security seriously at Xbox and fixed the issue as soon as we learned about it.”
Kristoffer Von Hassel’s name now appears on a page set up to thank people who have discovered problems with Microsoft products.
Microsoft also gave him four free games, $50, and a year-long subscription to Xbox Live.
[youtube VUxgcHydhcI 650]