Xbox Gaming: a security flaw considered “important” discovered in the Microsoft service

Cyber ​​authorities are reporting a serious security breach affecting Microsoft’s Xbox Gaming services. The vulnerability, once exploited, would result in privilege escalation.

Microsoft published a security bulletin this week warning of a vulnerability affecting Xbox Gaming services. According to the French Computer Security Incident Response Center (CERT-FR) and the American company, the discovered vulnerability can cause an escalation of privileges. We must therefore remain cautious.

An Xbox Gaming flaw that could lead to device takeover

If we refer to the security bulletin and the American vulnerability database, the flaw referenced CVE-2024-28916 has a criticality level of 8.8, and is therefore considered “important”. It was only a whisker away from being classified as “critical”.

According to the bulletin, the breach affects versions prior to installation package 19.81.13001.0 of Xbox Game Services. In detail, the hacker who exploits the flaw could obtain SYSTEM privileges under Windows. He could then take control of the device.

Microsoft explains that the attacker must have local access to the targeted device and must be able to create folders and performance traces on the machine, “ with restricted privileges that normal users have by default “.

Only one solution to avoid any risk

So how can we protect ourselves against any malicious attempts? The company in the window tells us that the Microsoft Store will update affected users automatically, in case they have already installed the Xbox Gaming Services service.

If you have disabled Microsoft Store standalone updates, you need to go to the Store Library and click “Get Updates”. You can then update each application individually.

So be sure to use version 19.81.13001.0 or later of the service. To be sure, you can type the command get-appxpackage Microsoft.GamingServices in Windows PowerShell.

Sources: CERT-FR, CVE.org