Call of Duty: WWII has been removed from the Xbox PC Game Pass due to a remote code execution (RCE) vulnerability, causing chaos for players. The game, released quietly, quickly turned into a nightmare for players who experienced pop-ups, downloads, and even a lawyer’s face appearing on their desktop.
The RCE exploit allows attackers to remotely run malicious code on a victim’s computer, posing serious security risks beyond in-game cheating. Cybersecurity experts warn that such vulnerabilities can lead to malware installation, data theft, and other malicious activities.
![Minecraft Java & Bedrock - PC [Digital Code]](https://m.media-amazon.com/images/I/714To4lwQbL._AC_UL320_.jpg)
Footage shared by streamer Wrioh demonstrated the impact of the exploit as Call of Duty: WWII froze during gameplay, followed by suspicious command windows and unexpected desktop wallpaper changes. Another user, @LasagneManne, revealed a cheat tool with an RCE toggle, indicating the exploit’s presence alongside traditional cheat features.
VX-Underground, a reputable group focused on malware research, confirmed instances of RCE abuse in the game, with reports of pop-ups, shutdowns, and inappropriate content appearing on players’ screens. The exploit targets PC players, exploiting vulnerabilities in the game’s networking infrastructure.
An administrator from VX-Underground provided insights into the technical aspects of the exploit, explaining how attackers could deliver malicious payloads to remote targets. The use of outdated peer-to-peer networking in Call of Duty: WWII exposes players’ IP addresses, making them susceptible to attacks.
While the situation is concerning, experts note that the attacker’s focus appears to be on causing disruption rather than serious harm. However, the exploit’s potential to install malware like info stealers or ransomware remains a significant threat.
Activision has taken Call of Duty: WWII offline on PC to investigate the RCE exploit further. The company has not yet confirmed the existence of the vulnerability officially but has delisted the game from the Microsoft Store, urging affected players to refrain from launching the game until a resolution is reached.
As the gaming community grapples with the fallout from this exploit, the incident serves as a stark reminder of the importance of robust cybersecurity measures in the gaming industry. Players are advised to stay vigilant and cautious while developers work to address vulnerabilities and ensure a safe gaming environment.
📰 Related Articles
- Call of Duty: WWII PC Game Pass Breach Sparks Concerns
- Activision Pulls Call of Duty: WWII from Game Pass Due to Hacking Concerns
- Call of Duty: WWII PC Security Breach Raises Concerns
- Activision’s Call of Duty: WWII Cyber Attack Sparks Security Concerns
- Xbox Games Showcase 2025 Unveils Exciting Lineup for Game Pass