The Xbox One's decade-long security reign ends as researcher Markus 'Doom' Gaasedelen demonstrates 'Bliss' - a double voltage glitch attack that compromises the console's boot ROM, enabling unsigned code execution at every level.
After 13 years of security dominance, Microsoft's Xbox One has finally been compromised by a groundbreaking hardware attack dubbed "Bliss." The exploit, revealed at the RE//verse 2026 conference by researcher Markus 'Doom' Gaasedelen, represents the first complete breach of the console's defenses since its 2013 launch.
(Image credit: Markus 'Doom' Gaasedelen video presentation)
The Unbreakable Fortress Falls
When the Xbox One launched in 2013, it arrived with security measures so robust that Microsoft engineers would later claim it was "the most secure product Microsoft has ever produced." Unlike its predecessor, the Xbox 360, which famously fell to the Reset Glitch Hack (RGH), the Xbox One's security architecture proved remarkably resilient.
"In 2013 some kind of iron curtain came down on security of the Xbox ecosystem, and the Xbox One never got hacked," Gaasedelen noted during his presentation. This security stance extended to the Xbox One's successors, making the console family a unique challenge in the gaming world.
The Voltage Glitch Hack Breakthrough
Since traditional reset glitching proved ineffective against the Xbox One's security architecture, Gaasedelen turned to voltage glitching - a technique that involves manipulating the CPU voltage rail to create momentary instability. This approach required developing new hardware introspection tools, as Gaasedelen couldn't directly observe the console's internal operations.
The "Bliss" exploit employs a sophisticated double-glitch technique:
- First glitch: Skips the initialization loop where ARM Cortex memory protection is set up
- Second glitch: Targets the Memcpy operation during header read, allowing execution to jump to attacker-controlled data
This precise timing requires two voltage glitches to land in succession, making it a technically demanding attack that pushes the boundaries of hardware exploitation.
Complete System Compromise
What makes Bliss particularly significant is its fundamental nature as a hardware attack against the boot ROM in silicon. According to Gaasedelen, this makes the exploit unpatchable through software updates - a critical distinction that elevates its impact.
The complete compromise enables loading unsigned code at every level of the system, including:
- The Hypervisor
- The Operating System
- The security processor
This access extends to decrypting games, firmware, and other protected content, opening new possibilities for digital preservation and emulation.
Implications and Future Possibilities
The Bliss hack represents more than just a security breach - it's a preservation breakthrough. Digital archivists now have unprecedented access to Xbox One firmware, operating systems, and game content. This could lead to significant emulation advancements, potentially allowing Xbox One titles to be preserved and studied long after Microsoft discontinues support.
Additionally, the technique provides a pathway for creating automated mod chips that could perform the precise electrical glitching required, making the exploit more accessible to the broader hardware hacking community.
Limited Appeal for PC Gamers
Despite the technical achievement, the practical impact for PC gamers appears limited. The Xbox One's 2013-era hardware specifications mean its game library largely overlaps with PC gaming, often in superior quality. Most Xbox One exclusives have either been ported to PC or are being superseded by newer titles on current-generation consoles.
The End of an Era
The fall of the Xbox One's security marks the end of a unique chapter in console gaming. For over a decade, Microsoft maintained an unbroken security record that distinguished its console from competitors. While this achievement has now been overcome through cutting-edge hardware exploitation, it represents a significant milestone in understanding console security architecture and the evolving arms race between manufacturers and the hacking community.
The Bliss exploit demonstrates that even the most secure systems eventually fall to determined researchers with sufficient technical expertise and innovative approaches. As hardware security continues to evolve, the techniques pioneered by Gaasedelen will likely influence future security research and console design considerations.
Comments
Please log in or register to join the discussion