The sudden removal of Call of Duty: WWII from the Microsoft Store highlights a deeply troubling and dangerous issue in PC gaming security: remote code execution (RCE) attacks during online multiplayer sessions. In this case, the attack allowed malicious players to seize full control of other users' computers, effectively turning a game into a serious cybersecurity threat.
This vulnerability came to light just days after the title was added to Xbox Game Pass on June 30, 2025 — a move that likely drew thousands of new players to the game. By July 5, after mounting video evidence and complaints, the Call of Duty Updates team acknowledged the issue and pulled the PC version from the store.
What Makes This So Alarming?
-
RCE attacks are among the most dangerous cyber threats. They allow hackers to execute arbitrary commands on a victim’s system. In this case, victims experienced:
-
Spontaneous opening of command prompts
-
Forceful shutdowns
-
Alteration of desktop backgrounds with offensive imagery
-
Full system control being taken over remotely
-
-
The root of the problem appears to be Call of Duty: WWII’s reliance on peer-to-peer (P2P) networking, where one player's machine hosts the session instead of using dedicated, secure servers. While P2P is cheaper for publishers, it dramatically increases vulnerability—especially in legacy titles that haven't received regular security updates.
Broader Implications
This isn’t just about cheating or exploiting in-game mechanics—it crosses the line into cybercrime. Players are no longer just at risk of losing matches; they're at risk of losing control of their PCs.
The Call of Duty PC community has long warned against playing older titles online, particularly due to issues like:
-
Lack of anti-cheat or network security updates
-
Unmonitored lobbies where modders and hackers thrive
-
Developer inaction toward legacy title threats
What's Next?
As of now:
-
Activision has not stated when the game will return to the Microsoft Store.
-
There is no official word on whether the Steam version is compromised, though players are treating all PC versions with caution.
-
The company has not offered a patch or mitigation steps yet.
Recommendation
If you're a PC player:
-
Do not launch Call of Duty: WWII via Game Pass, Microsoft Store, or Steam.
-
If you’ve already played it online recently, consider scanning your system with a reliable antivirus/malware removal tool and changing important passwords as a precaution.
-
Keep tabs on Activision Support or official Call of Duty social accounts for updates.
This situation also renews calls for publishers to retire or re-secure old multiplayer titles if they are still being promoted on modern platforms like Game Pass. Until then, players are left to choose between nostalgia and digital safety — a decision that shouldn’t be necessary in the first place.
