Microsoft Xbox One Hacked
It’s an impressive feat, over a decade after the box was released:
Since reset glitching wasn’t possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system rest pin(s) the hacker targeted the momentary collapse of the CPU voltage rail. This was quite a feat, as Gaasedelen couldn’t ‘see’ into the Xbox One, so had to develop new hardware introspection tools.
Eventually, the Bliss exploit was formulated, where two precise voltage glitches were made to land in succession. One skipped the loop where the ARM Cortex memory protection was setup. Then the Memcpy operation was targeted during the header read, allowing him to jump to the attacker-controlled data.
As a hardware attack against the boot ROM in silicon, Gaasedelen says the attack in unpatchable. Thus it is a complete compromise of the console allowing for loading unsigned code at every level, including the Hypervisor and OS. Moreover, Bliss allows access to the security processor so games, firmware, and so on can be decrypted.
Subscribe to comments on this entry
Clive Robinson • March 23, 2026 12:28 PM
@ ALL
From the quoted article text above,
Does this really surprise any one?
How about,
No neither surprise me…
How about Microsoft effectively lying to the US regulators for Nat Sec usage of their Cloud kit?
Called “Microsoft GCC High” it was described by one regulator as,
<
blockquote>‘Or, as one member of the team put it: “The package is a pile of shit.”’
<
blockquote>
Not exactly a ringing endorsement Microsoft Seniors at the very top pretended it was…
I guess it all depends on who you bribe and how.
This sort of nonsense is far from knew so remember it when you are told so use “Micro$hit” cloud products…