Actually, Call of Duty: WW2 should provide you with a great time, but a security vulnerability poses a risk to players’ PCs.
What is happening with CoD WW2? On July 1st, Call of Duty: WW2 became available in the Microsoft Store and Game Pass on PC. PC players could now play the Activision shooter through the subscription.
CoD: WW2 was released back in 2017. The game immerses players in the setting of World War II and offers a campaign as well as a co-op mode with its own story – making it interesting even for Game Pass subscribers who are not interested in multiplayer combat.
However, Activision has now announced that they have taken the shooter offline in the Microsoft Store and are investigating reports of an issue with the game (X.com).
WW2 becomes a risk for your gaming PC
What is the problem? In recent days, there have been reports from players who were hacked through the Game Pass version of Call of Duty: WW2. According to some users, the reported incidents could be possible due to an exploit in the anti-cheat system. In this case, attackers could take control of the victims’ PCs. One player writes on Reddit:
“I played Call of Duty: WW2 today, which was released in the Game Pass a few days ago. I was excited, searched for a game on ‘Shipment’, and started playing. Suddenly, my command window opened with a message that said: ‘Marc E. Meyer has just executed an RCE on your system, please contact Mitchell Silberberg & Knupp LLP.’ A website of a lawyer named Marc E. Meyer also opened. I know this could be a troll, but I thought Microsoft’s services were secure.”
Other players have also fallen victim to the same supposed “troll.” One user even posted a video of the situation on X.com when suddenly his command line opened with the text. A user on Reddit also explains that the problem is not new and affects other “Call of Duty” titles as well. However, the Steam versions are safe:
“Ironically, the Steam version of WWII is fine since it uses dedicated servers. When the game was ported to Game Pass in the Microsoft Store, it was switched to P2P matchmaking, making it vulnerable to RCE exploits. This affects not only WWII but every CoD that uses P2P matchmaking, such as MW2, MW3, Ghosts, Advanced Warfare, BO3, and Modern Warfare Remastered.”
P2P stands for “Peer-to-Peer.” In this type of matchmaking, one of the players becomes the host of the lobby, and the player’s PC takes on the role of the server.
Attackers can do more than just troll
Why is this a risk for players? What players are experiencing is referred to as Remote Code Execution (RCE), which translates roughly to “Code Execution from a distance” in German.
In an RCE, attackers remotely penetrate the victims’ system through a software vulnerability and take control. They can then make changes to the system, install malware, steal data, and activate the microphone or webcam. Additionally, they can completely block or disable the system.
While the current reports seem to be just a troll scaring players with trivial and harmless messages or pop-ups, the troll’s actions have shown what danger players are exposed to due to WW2.
If you wanted to play Call of Duty in the coming days, you might want to stay away from older titles and Game Pass versions. Instead, you could take another look at Black Ops 6. The mid-season update has just been released. You can find the most important information here on MeinMMO: CoD: Black Ops 6 Season 4 Reloaded has launched – All important information in 2 minutes
