Microsoft's 'unhackable' Xbox One has been hacked by 'Bliss'

tomshardware.com · 01-_- · 19 days ago · view on HN · threat
0 net
Tags
exploit facebook google malware microsoft
Microsoft’s ‘unhackable’ Xbox One has been hacked by 'Bliss' — the 2013 console finally fell to voltage glitching, allowing the loading of unsigned code at every level | Tom's Hardware Skip to main content Don't miss these Cybersecurity Intel's Heracles chip computes fully-encrypted data without decrypting it PlayStation RPCS3 Emulator boasts over 1500 FPS on the Minecraft title screen Xbox Microsoft confirms next-gen Xbox, codenamed Project Helix, will be powered by custom AMD SoC and feature 'FSR Diamond' Handheld Gaming ROG Xbox Ally X gaming handheld to get Auto Super Resolution boost in April Cybersecurity Invisible malicious code attacks 151 GitHub repos and VS Code Cybersecurity Zombie ZIP vulnerability lets malware stroll past gates of 95% of AV suites PlayStation Linux hacked onto a PS5 to turn Sony's console into a Steam Machine Console Gaming Palmer Luckey’s retro gaming venture seeks $1B valuation as FPGA-based Nintendo 64 clone launch nears Windows Microsoft promises to nearly double Windows storage performance after forcing slow software-accelerated BitLocker on Windows Gaming Monitors Windows 11 is getting support for 1,000 Hz+ monitors soon, according to latest Insider builds PC Gaming Microsoft debuts DirectStorage 1.4 at GDC 2026, with Zstandard compression and GACL Windows Registry hack enables new performance-boosting native NVMe support on Windows 11 Artificial Intelligence ‘200,000 living human neurons’ on a microchip demonstrated playing Doom Retro Gaming ‘Mad scientist’ visualizes Atari 2600 fetching data from ROM for mesmerizing light show Retro Gaming Massive two-year project recovers 144 previously undumped Sega Genesis game ROMs from the mid-1990s (Image credit: Markus ‘Doom’ Gaasedelen video presentation ) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Email Share this article 12 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tom's Hardware Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are now subscribed Your newsletter sign-up was successful An account already exists for this email address, please log in. Subscribe to our newsletter A groundbreaking hack for Microsoft ’s ‘unhackable’ Xbox One was revealed at the recent RE//verse 2026 conference. This console has remained a fortress since its launch in 2013, but now Markus ‘Doom’ Gaasedelen has showcased the ‘Bliss’ double glitch. Just as the Xbox 360 famously fell to the Reset Glitch Hack (RGH), the Xbox One has now fallen to Voltage Glitch Hacking (VGH). RE//verse 2026: Hacking the Xbox One - YouTube Watch On Go deeper with TH Premium: CPU (Image credit: Tom's Hardware) CPU scaling with DLSS Ryzen to the top: How AMD innovated in the gaming CPU market How ARM is working its way into PCs AMD CES 2026 gaming trends press Q&A roundtable transcript “In 2013 some kind of iron curtain came down on security , of the Xbox ecosystem, and the Xbox One never got hacked,” noted Gaasedelen in his introduction. The same is true of the Xbox One’s successors, and Microsoft was rightly proud. Seven years after its launch, Microsoft engineers would still assert that the Xbox One was “the most secure product Microsoft has ever produced.” (Image credit: Markus ‘Doom’ Gaasedelen video presentation ) What made the Xbox One so secure, so special? Gaasedelen referenced prior work and presentations to convey this information. I’ve shared a summary slide about this, too, but let’s fast forward to the demo of the new Bliss hack, which takes place from about 46 minutes into the presentation. Article continues below You may like This Xbox One S mod hides a full Windows gaming PC within the original shell Linux hacked onto a PS5 to turn Sony's console into a Steam Machine The "Ningtendo PXBOX 5" is an all-in-one console featuring a PS5, Switch 2, and Xbox Series X in a single enclosure Since reset glitching wasn’t possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system rest pin(s) the hacker targeted the momentary collapse of the CPU voltage rail. This was quite a feat, as Gaasedelen couldn’t ‘see’ into the Xbox One, so had to develop new hardware introspection tools. Eventually, the Bliss exploit was formulated, where two precise voltage glitches were made to land in succession. One skipped the loop where the ARM Cortex memory protection was setup. Then the Memcpy operation was targeted during the header read, allowing him to jump to the attacker-controlled data. Image 1 of 3 (Image credit: Markus ‘Doom’ Gaasedelen video presentation ) (Image credit: Markus ‘Doom’ Gaasedelen video presentation ) (Image credit: Markus ‘Doom’ Gaasedelen video presentation ) As a hardware attack against the boot ROM in silicon, Gaasedelen says the attack in unpatchable. Thus it is a complete compromise of the console allowing for loading unsigned code at every level, including the Hypervisor and OS. Moreover, Bliss allows access to the security processor so games, firmware, and so on can be decrypted. What happens next with this technique remains to be seen. Digital archivists should enjoy new levels of access to Xbox One firmware, OS, games. There could be subsequent emulation breakthroughs thanks to this effort. We also now have a route to making a Bliss-a-like mod chip to automate the precise electrical glitching required. Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors Whether PC users, our core readership, will be interested in actually emulating Xbox One, looks unlikely. The 2013 system’s game library is largely overlapped in better quality on the PC platform. Follow Tom's Hardware on Google News , or add us as a preferred source , to get our latest news, analysis, & reviews in your feeds. TOPICS See all comments (12) Mark Tyson News Editor Mark Tyson is a news editor at Tom's Hardware. He enjoys covering the full breadth of PC tech; from business and semiconductor design to products approaching the edge of reason. Read more Case Mods This Xbox One S mod hides a full Windows gaming PC within the original shell PlayStation Linux hacked onto a PS5 to turn Sony's console into a Steam Machine Console Gaming The "Ningtendo PXBOX 5" is an all-in-one console featuring a PS5, Switch 2, and Xbox Series X in a single enclosure Xbox Microsoft confirms next-gen Xbox, codenamed Project Helix, will be powered by custom AMD SoC and feature 'FSR Diamond' PlayStation PlayStation 5 ROM keys leaked — jailbreaking could be made easier with BootROM codes Xbox Microsoft confirms next-gen Xbox will play PC games Latest in Console Gaming Nintendo Nintendo Switch 2 update brings Handheld Mode Boost Handheld Gaming ROG Xbox Ally X gaming handheld to get Auto Super Resolution boost in April Console Gaming Sega’s missing link Saturn 'TRIP accelerator' project was real Xbox Microsoft confirms next-gen Xbox, codenamed Project Helix, will be powered by custom AMD SoC and feature 'FSR Diamond' PlayStation Sony takes aim at Steam with dynamic discounts on the PlayStation Store PlayStation RPCS3 Emulator boasts over 1500 FPS on the Minecraft title screen Latest in News Retro Gaming End of an era for decades-old PlayStation 3, Xbox 360, and Nintendo Wii U as GameStop officially declares them retro Nintendo Nintendo Switch 2 update brings Handheld Mode Boost Tech Industry Microsoft expects to commercialize MicroLED datacenter cables by late 2027 Tech Industry Nvidia launches BlueField-4 STX storage architecture for agentic AI at GTC 2026 Video Games South Korean company following ChatGPT management advice forced to backtrack by court GPUs We got a first look at Nvidia's DLSS 5 and the future of neural rendering at GTC 12 Comments Comment from the forums So... 13 years later, its hacked... thats not news and it was most likely hacked way sooner but nobody wanted to say something. Reply Its always only a matter of time. Reply "One skipped the loop where the ARM Cortex memory protection was setup." The XBOX One doesnt use an Arm Cortex CPU it uses AMD. Nice try though Reply SPPV said: "One skipped the loop where the ARM Cortex memory protection was setup." The XBOX One doesnt use an Arm Cortex CPU it uses AMD. Nice try though And it just so happens to have an ARM CPU on it for certain tasks. Reply that Lee guy said: So... 13 years later, its hacked... thats not news and it was most likely hacked way sooner but nobody wanted to say something. the point of hacking it is to do something with it once it is hacked. had it been done before, we'd know cause we'd have ROMs and plenty of other fun stuff to do with it. there is no reason for anyone to go through the trouble of finding the exploit to not tell anyone. that's just not how the world works :) Reply Such determination, and proof the cat-and-mouse game has no limits. This is a good discovery on 2 levels, first Microsoft got the desired protection so they're happy, but 2nd now a new method is known which is beneficial for both attackers and those hoping to defend future consoles from the attack. Neato. Reply Thunder64 said: And it just so happens to have an ARM CPU on it for certain tasks. The ARM microcontroller in the gamepad hardly counts Reply SPPV said: The ARM microcontroller in the gamepad hardly counts Just watch the video... The AMD APU has a mini arm core in it, "platform security processor (PSP) based on the ARM Cortex-A5" https://www.pcmag.com/news/amd-adds-arm-security-core-to-next-gen-mobile-chips Reply TerryLaze said: Just watch the video... The AMD APU has a mini arm core in it, "platform security processor (PSP) based on the ARM Cortex-A5" https://www.pcmag.com/news/amd-adds-arm-security-core-to-next-gen-mobile-chips That PCMag article would seem to contradict there being an ARM co-processor embeded in the AMD APU on the X1 though. That article, dated April 2014 quotes AMD as saying that they will be being released for the first time later that year for retail and commercial clients but the X1 was 2013. If M$/XBOX was already buying them back would have had to have been 2011 or so at least for it to be included in the X1 then somebody is mistaken. Either AMDs spokesperson is giving erroneous info or there isnt a co-processor Reply SPPV said: That PCMag article would seem to contradict there being an ARM co-processor embeded in the AMD APU on the X1 though. That article, dated April 2014 quotes AMD as saying that they will be being released for the first time later that year for retail and commercial clients but the X1 was 2013. If M$/XBOX was already buying them back would have had to have been 2011 or so at least for it to be included in the X1 then somebody is mistaken. Either AMDs spokesperson is giving erroneous info or there isnt a co-processor As I said just watch the video, he goes into great detail and shows detailed pics of the actual APU and shows where the PSP is on that. Reply View All 12 Comments Show more comments
← Back to stories