Xbox One “Unhackable” Cracked After 13 Years

Microsoft’s “unhackable” Xbox One, which survived 13 years of security challenges, finally fell to an ex-Microsoft security researcher using a hardware attack Microsoft can’t patch. Markus “Doom” Gaasedelen, known as “Bliss” and a former Microsoft Security Response Center researcher, demonstrated the exploit at the RE//verse 2026 conference. The boot ROM compromise means no software patch is possible—this is a permanent crack of one of gaming’s most secure consoles. The irony is sharp: a Microsoft security researcher cracked the Microsoft console that was supposed to be uncrackable.

How Voltage Glitching Broke the Boot ROM

The Bliss exploit uses voltage glitching, a hardware attack that manipulates power supply voltage to induce errors in system operations. Think of it as creating precisely timed electrical hiccups that cause the processor to skip security checks or execute unintended code.

Gaasedelen’s technique employs a double glitch. The first glitch skips the Memory Management Unit (MMU) initialization during startup, disabling a critical security layer. The second glitch hijacks a memcpy operation during a header read, redirecting execution to the attacker’s code. The timing precision required is extraordinary: the voltage drop must occur exactly during the key comparison, followed by a spike at the continuation point that forces the check’s control flow to return true.

The attack targets the boot ROM, code etched directly into the silicon of the system-on-chip. This is the foundational security layer that loads first during startup. Since it’s burned into hardware rather than stored in updatable firmware, Microsoft can’t patch it remotely. Once compromised, it allows loading unsigned code at every system level: the hypervisor, the operating system, everything. The exploit requires physical access—you need to solder a microcontroller to the motherboard and remove capacitors to hit the right voltage—but that’s the tradeoff for a permanent, unpatchable crack.

Why “Unhackable” Claims Always Age Poorly

“Unhackable” is tech marketing’s favorite lie, and it always expires. Microsoft marketed the Xbox One as exceptionally secure, and in fairness, they built a fortress. Randomized loops, disabled debugging features, hash-chain verification—the security team did serious work. But declaring any system “unhackable” ignores a fundamental truth: given enough time and physical access, everything breaks.

Here’s where perspective matters. The hack came six years after Microsoft stopped manufacturing the original Xbox One in 2020. The console remained secure throughout its entire commercial lifetime. In security terms, that’s a massive win. Most gaming consoles fall within five years. The Xbox 360 was cracked by 2010 with the JTAG exploit, just five years after its 2005 launch. The PlayStation 5’s boot ROM keys leaked in December 2025, and that console only launched in 2020. By comparison, 13 years is exceptional.

Is this a security failure or a security achievement? Both. “Unhackable” was false—no system is truly impervious. But lasting 13 years, outliving the console’s commercial viability, and only falling to a sophisticated hardware attack by an ex-Microsoft security researcher? That’s effective security engineering, even if the marketing slogan aged poorly.

Which Xbox Models Are Vulnerable

Only the original 2013 “Phat” Xbox One models are vulnerable to the Bliss exploit. The Xbox One S and Xbox One X remain secure—Microsoft incorporated anti-glitching protections in later hardware revisions that specifically defend against this type of attack. Those protections were disabled in the early units but enabled in subsequent silicon variants.

The practical impact is limited. The vulnerable console stopped being manufactured in 2020, and most of its game library is available on PC or newer Xbox systems. Microsoft also fragmented the hacking community early by offering free developer mode with emulator support, reducing the economic incentive for piracy-focused exploits. This hack matters more for preservation and security research than for piracy.

Game Preservation and Security Lessons

The hack’s significance lies in game preservation. Digital-only titles with full DRM create preservation challenges—when stores close or games get delisted, they vanish unless someone archived them. The 3DS eShop closed, the Wii Shop closed, and games were lost to history. Full decryption of Xbox One content means previously locked titles, DLC, patches, and even system software can now be permanently preserved in community-run archives.

There’s also homebrew potential. Developers could create emulators, media centers, or applications Microsoft never authorized, breathing new life into aging hardware similar to what happened with the original Xbox and PlayStation 2 communities. The legal landscape is murky—DMCA Section 1201 restricts circumvention—but the preservation argument is strongest when the platform is commercially dead.

The broader security lesson is simple: physical access changes everything. Defense mechanisms exist—voltage monitors, brownout detection, hardware-based resilience procedures—but once an attacker has unlimited time and direct hardware access, the economics shift in their favor. Microsoft’s 13-year resilience proves that strong hardware security can work, but it also proves that “unhackable” is a marketing term, not a technical reality.
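On the software side, the check that a glitch tries to skip or force to "true" can itself be written to tolerate a single fault. The following C sketch is an added example, not Microsoft's boot ROM code; the function names and constants are hypothetical. It contrasts a naive digest comparison with a hardened one that fails by default, compares twice, counts executed steps, and uses a multi-bit result code.

```c
#include <stddef.h>
#include <stdint.h>

/* Result codes are bitwise complements (constructed values): a stuck-at-0,
   stuck-at-1 or single-bit fault cannot turn one into the other. */
#define VERIFY_OK   0x3CA5965Au
#define VERIFY_FAIL 0xC35A69A5u

/* Constant-time difference: no early-exit branch for a glitch to aim at. */
static uint32_t ct_diff(const volatile uint8_t *a, const volatile uint8_t *b, size_t n) {
    uint32_t d = 0;
    for (size_t i = 0; i < n; i++) d |= (uint32_t)(a[i] ^ b[i]);
    return d;
}

/* Hypothetical boot-stage check: compare the computed digest with the
   expected one twice and prove via a step counter that no stage was skipped. */
uint32_t verify_digest_hardened(const uint8_t *computed, const uint8_t *expected, size_t n) {
    volatile uint32_t result = VERIFY_FAIL;      /* fail by default */
    volatile uint32_t steps = 0;
    volatile uint32_t d1 = ct_diff(computed, expected, n);
    steps += 0x11;
    volatile uint32_t d2 = ct_diff(expected, computed, n);   /* redundant pass */
    steps += 0x22;
    if (d1 == 0) {
        steps += 0x44;
        if (d2 == 0) {
            steps += 0x88;
            if (steps == 0xFF)                   /* all four stages executed */
                result = VERIFY_OK;
        }
    }
    return result;
}

/* The caller accepts only the exact OK pattern, never "any non-zero value". */
int caller_accepts(uint32_t r) { return r == VERIFY_OK; }

/* Naive version for contrast: one skipped branch or a forced 1 passes it. */
int verify_digest_naive(const uint8_t *computed, const uint8_t *expected, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (computed[i] != expected[i]) return 0;
    return 1;
}
```

Measures like these raise the number and precision of faults an attacker needs; they complement, rather than replace, the voltage monitors and brownout detection mentioned above.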

Key Takeaways

  • Microsoft’s “unhackable” Xbox One was cracked after 13 years by ex-Microsoft security researcher Markus “Doom” Gaasedelen using a double voltage glitching technique that targets the boot ROM in silicon, making it unpatchable via software updates
  • Voltage glitching manipulates power supply voltage to skip security checks—the first glitch disables the MMU, the second hijacks Memcpy execution, redirecting control to attacker code with precision timing
  • Only original 2013 Xbox One models are vulnerable; Xbox One S and One X have anti-glitching protections, and manufacturing ended in 2020, limiting real-world impact
  • “Unhackable” claims always age poorly, but 13 years of security is a win by any standard—most consoles fall within 5 years, and this hack came after commercial viability ended
  • The exploit enables game preservation (archiving digital-only titles, DLC, patches) and homebrew development, with the strongest justification being a commercially dead platform
  • Physical access plus unlimited time breaks any system—voltage monitors and brownout detection can defend against glitching, but hardware access fundamentally changes the threat model
ByteBot