Call of Duty Gamers Hacked via RCE Exploit Allowing Player-to-Player Attacks

The Call of Duty team removed the PC edition of Call of Duty: WWII off the internet on Saturday after numerous allegations of a serious security flaw surfaced, which is concerning for the gaming community.

The culprit appears to be a Remote Code Execution (RCE) vulnerability an especially dangerous flaw that enables attackers to execute malicious code on a victim’s system without requiring physical access or user consent.

Critical Vulnerability Disrupts Call of Duty

This exploit, discovered mere days after the 2017 title became available on Microsoft’s Xbox and PC Game Pass subscription services, has allowed hackers to infiltrate and manipulate other players’ systems during live multiplayer matches.

The impact of this breach is significant, as it not only disrupts gameplay but also poses a substantial risk to the overall security of affected PCs.

The RCE vulnerability in Call of Duty: WWII has been exploited in alarming ways, with attackers gaining unauthorized access to victims’ machines through the game’s peer-to-peer (P2P) networking structure, where one player’s device often serves as the match host.

Reports indicate that hackers have opened command prompts on victims’ systems, sent taunting messages via Notepad, forcibly shut down computers remotely, and even altered desktop wallpapers to display inappropriate content.

Exploits and Impacts

Such actions highlight the severity of RCE exploits, which can potentially lead to data theft, system hijacking, or malware installation.

Notably, this issue is exclusive to Windows PC players, as console environments typically restrict the level of code execution necessary for such attacks.

This incident underscores a longstanding concern within the Call of Duty community about the security of older titles, with many players historically avoiding multiplayer modes on platforms like Steam due to similar risks.

Microsoft’s acquisition of Activision in 2023 has seen flagship titles like Call of Duty gradually integrated into Game Pass, but this latest debacle raises questions about the robustness of security measures for legacy games on modern platforms.

Speculation is rife that Activision may be working on updates to its anti-cheat system, Ricochet, to curb cheating and potentially address this vulnerability.

However, there is no confirmation yet on whether these updates will fully resolve the RCE flaw or how soon a fix might be deployed.

The gaming community remains on edge, awaiting official word from Activision on a patch or mitigation strategy.

For now, the recommended course of action is clear: PC gamers should refrain from playing Call of Duty: WWII, particularly versions accessed through the Microsoft Store or Game Pass, until a security patch is released.

Additionally, players are urged to promptly install any available system and game updates, deploy active anti-malware software, and closely monitor Activision’s official channels for updates on the resolution of this critical issue.

This incident serves as a stark reminder that even well-established titles can harbor hidden vulnerabilities, putting not just gameplay but entire systems at risk of compromise.

As the situation unfolds, the focus remains on how swiftly and effectively Activision can safeguard its community from such invasive threats.

Stay Updated on Daily Cybersecurity News, Follow us on Google News, LinkedIn, and X.