Activision has temporarily taken down the Microsoft Store version of Call of Duty: WWII after a serious security vulnerability allowed hackers to exploit the game and gain unauthorized access to players’ PCs, according to a source familiar with the matter.
Game Taken Offline After Hacking Reports
Last week, the gaming giant announced that it had removed the game from online availability while investigating an unspecified issue. However, new information has revealed that the decision was made following confirmed reports of real-world hacking incidents linked to a remote code execution (RCE) vulnerability—an exploit that enables attackers to run malicious code on a user’s system.
Players had been reporting incidents on social media platforms, claiming that they were hacked after playing the game. One Reddit user warned: “The game is not safe to play on PC right now, there’s an RCE exploit.”
Only Microsoft Store and Game Pass Versions Affected
According to sources, the affected version—available through the Microsoft Store and Game Pass—included an older vulnerability that had already been patched in other releases, such as the one available on Steam. This outdated flaw was apparently reintroduced during the game’s relaunch on new platforms, creating a new attack surface for threat actors.
As of now, the game remains offline for those platforms, with no official timeline for a fix.
A Pattern of Cybersecurity Challenges
This is not the first time Activision has faced significant cybersecurity issues. Over the past few years:
- In November 2024, a vulnerability in the company’s anti-cheat system allowed a hacker to wrongly ban thousands of legitimate players.
- Earlier that year, the company investigated a campaign that used infostealer malware to extract players’ login credentials.
- In 2023, hackers exploited a long-standing unpatched bug to spread self-replicating malware across Call of Duty: Modern Warfare users.
These repeated incidents raise concerns about the gaming industry’s evolving cybersecurity posture. While some companies have invested in stronger security and anti-cheat infrastructures, Activision has undergone multiple rounds of layoffs—some affecting its cybersecurity staff directly.
Why This Matters
With cyberattacks on gaming platforms becoming increasingly sophisticated, this incident is a reminder of the importance of secure coding practices, timely patch management, and robust vulnerability testing—especially for products that reach millions of users.
🔒 Nubetia helps organizations prevent, detect, and respond to threats before they escalate. Whether you develop software, run cloud infrastructure, or manage customer platforms, we deliver the cybersecurity and observability tools you need to stay one step ahead. Visit nubetia.com for more.