Xbox One 'Bliss' Hack Opens Microsoft's Long-Sealed Console Fortress

The Xbox One finally lost its "unhackable" label

Tom's Hardware reported on March 15, 2026 that security researcher Markus 'Doom' Gaasedelen unveiled the Bliss exploit at RE//verse 2026. The report frames the result as the first full break of the 2013 Xbox One, a console whose boot chain had held for more than a decade while earlier systems like the Xbox 360 were long since opened up.

That long timeline is part of why the story hit hard in gaming communities. Tom's notes that Microsoft engineers were still describing the Xbox One as its most secure product years after launch, and Gaasedelen opened his presentation by saying an "iron curtain" had fallen over Xbox security in 2013. In other words, this is not just another jailbreak headline. It is the fall of a console that many researchers had treated as a fortress.

How the Bliss exploit works

According to Tom's Hardware, Bliss is a double voltage glitching attack against the boot ROM path inside the system's custom AMD SoC. Gaasedelen said he could not simply rely on traditional reset glitching, so he built new hardware introspection tools and timed two separate voltage faults in sequence.

The first glitch skipped the stage where memory protection was being set up. The second targeted the header read so execution could jump to attacker-controlled data. Tom's says that combination allows unsigned code to load at every level of the machine, including the Hypervisor and operating system, while also opening a route to decrypt firmware and games through access to the security processor.

Why this matters beyond curiosity

The most important detail may be that Gaasedelen described the attack as unpatchable. Because the weakness is in the boot ROM path burned into silicon, this is not the kind of issue a normal firmware update can simply erase. That changes the conversation from "can someone hack it?" to "what happens now that the trust chain is broken for good?"

Tom's points to digital preservation and emulation as the clearest next steps. That matters even if most Xbox One games already exist in stronger form on PC or newer Xbox hardware. Once a closed console platform becomes fully inspectable, historians, tool developers, and emulator authors gain a very different level of access to firmware behavior, encrypted assets, and platform internals.

Signal from r/gamernews

The linked r/gamernews post reached 3,174 points and 81 comments at crawl time. For a hardware security story about a 2013 console, that is unusually strong engagement and a useful sign that preservation and platform security stories still carry weight well beyond pure modding circles.

Why this matters

The Xbox One did not just resist hobbyist tinkering for a while; it helped define a more locked-down generation of console security. Bliss matters because it shows that even a system built around hardened early boot code and layered mitigations can still fall to patient physical research. For Microsoft, it closes a long chapter of platform security bragging rights. For preservation-minded players and researchers, it opens a very different one.

Source: Tom's Hardware · Reddit discussion