Microsoft has received help discovering a security flaw on its Xbox One game console from an unlikely source: a five-year-old boy.
Five-year-old Kristoffer Von Hassel uncovered a flaw that could allow someone to log into a player's profile without their password, San Diego television station KGTV reported.
The flaw was discovered after Kristoffer's father found out he had been playing inappropriate video games on the Xbox One. When his dad, Robert Davies, asked him how he accessed the console, Kristoffer showed him the exploit.
Here's how it worked: after typing an incorrect password, the console jumped to a password verification screen. After typing the space keys a few times then hitting enter, Kristoffer was able to access his father's Xbox Live account.
"Just being five years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool," Davies, who works in computer security, told KGTV.
They reported the bug to Microsoft, which has since fixed the flaw, the company told KGTV.
"We're always listening to our customers and thank them for bringing issues to our attention," the company said in a statement.
"We take security seriously at Xbox and fixed the issue as soon as we learned about it."
Microsoft also honoured Kristoffer as a security researcher on their website, and sent a gift package including four free games, US$50 and a one-year Xbox Live subscription.