Call of Duty game exclusively on Xbox Game Pass lately plagued by Remote Code Execution (RCE) hackers, prompting caution and postponement of gameplay until a solution is implemented.

Call of Duty game exclusively on Xbox Game Pass lately plagued by Remote Code Execution (RCE) hackers, prompting caution and postponement of gameplay until a solution is implemented.

In a concerning turn of events, Call of Duty: WWII on PC via Xbox Game Pass has been hit by a severe Remote Code Execution (RCE) exploit, allowing hackers to remotely control players' computers during online multiplayer matches [1][2][4].

The extent of these hacks is alarming, with players reporting real-time intrusions that trigger random pop-ups, open pornography, type messages in Notepad, and even force PC shutdowns [1][2][4]. Hackers leave insulting messages on victims' screens and can manipulate the victim's system arbitrarily, demonstrating full remote access [1].

This exploit has become widespread since the game's addition to Xbox Game Pass, flooding forums and social media with complaints [1][2][3]. The issue seems to affect primarily PC versions via Game Pass, particularly those using peer-to-peer connections rather than dedicated servers [3].

The root cause of the vulnerability is an unpatched RCE vulnerability in the game's networking code, which likely stems from the use of peer-to-peer matchmaking rather than dedicated servers [3]. This makes it easier for malicious players to send arbitrary code to others during online matches. The vulnerability has been known in the Call of Duty community for years, dating back to earlier titles like Call of Duty: World at War, but it remains unaddressed for WWII on PC Game Pass [3].

Activision has not officially supported or patched older Call of Duty games extensively, contributing to their vulnerability to hacking [2]. Until an official patch is released by Activision or Microsoft, it is strongly advised that players avoid playing Call of Duty: WWII online on PC via Game Pass to prevent exposure to these hacks [2][3].

The offline campaign mode remains safe since it does not involve network connectivity [2]. Players should maintain up-to-date antivirus and antimalware software as a precaution in case any malware is introduced through the exploit. There is a call within the community for Activision and Microsoft to implement dedicated servers or patch the peer-to-peer vulnerabilities to stem these attacks [3][4].

Monitoring official channels for updates and patches is essential, as a fix might come due to the game's high profile on Game Pass [2]. It's worth noting that Call of Duty: Black Ops 6 and Modern Warfare 2 were also added to Xbox Game Pass, and there are concerns that RCE exploits might affect these titles as well [5].

In a concerning turn, a user claims to have access to RCE exploits affecting most Call of Duty games, not just Call of Duty: WWII [6]. This raises questions about the security of other games on the platform.

The RCE exploit allows hackers to execute code on another player's PC remotely, potentially leading to PCs becoming botnet zombies. RCE hacks have been linked to data breaches and malware injections in the past [7].

Despite these concerns, Call of Duty: WWII has attracted a significant number of players since its addition to Game Pass, with many flocking to both Xbox and PC versions [8]. It's important to note that subscribing to Xbox Game Pass Ultimate ensures never missing out on anything coming to the service.

However, given the current state of security concerns, it's recommended to exercise caution when playing Call of Duty: WWII online on PC. Links to purchase Xbox Game Pass Ultimate memberships are available at Amazon, Best Buy, and CDKeys.

As of now, Activision and the developers at Sledgehammer Games and Raven Software have not publicly responded to player reports of RCE hacks in Call of Duty: WWII. Microsoft's acquisition of Activision Blizzard concluded in late 2023.

[1] https://www.techradar.com/news/call-of-duty-wwii-on-pc-is-currently-suffering-from-a-severe-remote-code-execution-rce-exploit [2] https://www.pcgamer.com/call-of-duty-wwii-pc-has-a-critical-rce-exploit-that-lets-hackers-take-control-of-your-pc/ [3] https://www.vice.com/en/article/93gxqb/call-of-duty-wwii-pc-rce-exploit-hackers-take-control [4] https://www.gamespot.com/articles/call-of-duty-wwii-pc-version-is-currently-suffering-from-a-critical-rce-exploit/1100-6503737/ [5] https://www.ign.com/articles/call-of-duty-wwii-pc-rce-exploit-hackers-take-control-of-your-pc [6] https://www.reddit.com/r/CallofDuty/comments/y7jc4z/rce_exploits_affecting_most_call_of_duty_games/ [7] https://www.bleepingcomputer.com/news/security/remote-code-execution-exploits-used-to-hack-call-of-duty-wwii-pc-players/ [8] https://www.pcgamer.com/call-of-duty-wwii-pc-player-count-is-up-since-xbox-game-pass-launch/

1. The alarming RCE exploit in Call of Duty: WWII on PC has been traced back to unpatched software within the game's networking code, making it easier for hackers to execute arbitrary code during online multiplayer matches.
2. Hackers have been seen controlling players' computers, triggering random pop-ups, opening pornography, typing messages in Notepad, and even forcing PC shutdowns, all while leaving insulting messages on victims' screens.
3. The use of peer-to-peer matchmaking in the game seems to be the primary culprit, as it allows malicious players to target victims directly.
4. Activision has yet to address this years-old vulnerability, and until an official patch is released, it is advised to avoid playing the online PC version of Call of Duty: WWII via Xbox Game Pass to prevent exposure to these hacks.
5. Gamers should also ensure their antivirus and antimalware software are updated as a precautionary measure, as the exploit could potentially introduce malware to PCs.
6. There are concerns that other Call of Duty titles, such as Call of Duty: Black Ops 6 and Modern Warfare 2, may also be affected by RCE exploits due to the same underlying vulnerabilities.

Read also: