In a swift and concerning development for the gaming community, Activision has temporarily removed “Call of Duty: WWII” from Xbox Game Pass. The move comes just days after the popular first-person shooter was added to the service, following widespread reports of players’ computers being compromised through a severe hacking vulnerability. The incident highlights the ever-present collision between the worlds of online gaming and cybersecurity.
A Critical Flaw Exploited
The core of the problem lies in a “remote code execution” (RCE) vulnerability within “Call of Duty: WWII.” This type of flaw is particularly dangerous as it allows attackers to run their own code on a victim’s computer without permission, effectively taking control of the system. For gamers, this means that simply playing the game could open a backdoor for hackers to access their personal computers. Malwarebytes, a cybersecurity firm, has reported instances of hackers using this RCE vulnerability to “gain remote access to other players’ computers during games.”
A Brief Introduction about Prof. Triveni Singh, PhD | Ex-IPS | FCRF| FutureCrime Researcher
Beyond Gameplay: System Compromise
The implications of this RCE vulnerability extend far beyond mere disruption of gameplay. Once hackers gain remote access, they have demonstrated the ability to perform a range of intrusive actions on affected machines. Reports indicate that attackers have been able to open command prompts, force computer shutdowns, send messages using applications like Notepad, and even change desktop wallpapers to inappropriate imagery. This level of control underscores the severity of the threat, as it could potentially lead to data theft, installation of further malware, or other malicious activities.
Activision and Microsoft Respond
In response to the escalating concerns, Activision and Microsoft have taken action. While a detailed statement from both companies is still awaited, Microsoft has issued a brief update via X (formerly Twitter), stating: “Call of Duty: WWII on PC Microsoft Store was brought offline while we investigate reports of an issue.” This immediate removal from Game Pass and the Microsoft Store for PC users is a clear indication of the seriousness with which the companies are treating the vulnerability. The gaming community is eagerly awaiting further official communication and a resolution to the security lapse.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Urgent Warning for Players
Pieter Arntz, a senior malware intelligence analyst with Malwarebytes, emphasized the alarming nature of the vulnerability. “This vulnerability is particularly alarming because it not only allows hackers to disrupt gameplay,” he stated, “it has the potential to compromise gamers’ entire PCs remotely.” Given this grave risk, gamers who play “Call of Duty: WWII” on their Windows PC via the Microsoft Store or Game Pass are strongly advised to cease playing the game until more clarity emerges regarding the RCE security issue and a fix is implemented. The incident serves as a stark reminder for all online gamers to remain vigilant about their cybersecurity.