Xbox PC version of Call of Duty: WW2 unexpectedly withdrawn due to technical issue shortly following its addition to Game Pass
In a recent turn of events, the PC version of Call of Duty: WWII, available on PC Game Pass and the Microsoft Store, has been taken offline due to a serious security vulnerability. The issue, known as Remote Code Execution (RCE), allows hackers to execute malicious code on players' PCs, potentially leading to data breaches and security vulnerabilities [1][2][3].
The RCE exploit, previously seen in other legacy Call of Duty titles such as Black Ops III, was quickly leveraged by hackers shortly after the game's launch on Game Pass. This exploit poses significant risks, including malware installation and potential data breaches [3][4].
Activision, the game's developer, has responded to this crisis by completely shutting down Call of Duty: WWII servers on PC Game Pass and Microsoft Store to prevent further attacks and work on a fix. The shutdown began shortly after reports and social media posts highlighted the severity of the exploit, including numerous victims showing their PCs being remotely controlled [1][2][3].
As of now, Activision is investigating the issue and has not yet released an official patch or hotfix to address the exploit. Players are strongly advised to avoid playing Call of Duty: WWII on PC Game Pass or Microsoft Store until a security patch is deployed [4].
Meanwhile, Xbox Game Pass Ultimate continues to offer players the opportunity to play day one Xbox games on various platforms, including Xbox consoles, PC, and through the Cloud on a wide range of devices. Xbox Game Pass Ultimate subscribers can still access Call of Duty: WWII on Xbox and the Microsoft Store, despite the game being offline on other platforms [5].
However, the RCE issue has sparked concerns within the gaming community. With older Call of Duty titles being added to Xbox and PC Game Pass, there are fears that additional games may be exploited before they receive updated security protections, potentially exposing new players to hackers [6].
It's worth noting that Xbox consoles operate on a modified Windows kernel that is more limited than its Windows 11 cousin, making RCEs less effective as a hacking tool on these consoles [7].
In the wake of this incident, Activision has faced criticism for the lack of transparency about the RCE issue. The company has acknowledged the problem by taking servers offline but has been criticized for the fact that this vulnerability has been known for years, with no prior effective mitigation in place [1][4].
Several studios, including Sledgehammer Games, the developer of WWII, were among those affected by Microsoft's most recent layoff spree. Other Call of Duty supporting studios, Raven Software and High Moon, were also impacted [8].
In summary:
| Aspect | Status | |----------------------------|------------------------------------------------------------------------------------------------| | **Exploit type** | RCE (Remote Code Execution) allowing PC hijacking | | **Platforms affected** | PC Game Pass, Microsoft Store version | | **Current availability** | Servers and game taken offline on affected platforms | | **Activision response** | Server shutdown; investigating; no patch released yet | | **Player advice** | Avoid playing until a fix is issued due to security risks |
This represents a serious cybersecurity event in a legacy but still active Call of Duty title, and it highlights the challenges of maintaining older games on modern platforms without updated security protections [1][2][3][4].
[1] https://www.pcgamer.com/call-of-duty-wwii-is-offline-due-to-a-security-issue/ [2] https://www.vg247.com/2023/07/06/call-of-duty-wwii-taken-offline-due-to-security-issue/ [3] https://www.gamespot.com/articles/call-of-duty-wwii-taken-offline-due-to-security-issue/1100-6504056/ [4] https://www.eurogamer.net/articles/2023-07-06-call-of-duty-wwii-taken-offline-due-to-security-issue [5] https://www.xbox.com/en-US/xbox-game-pass [6] https://www.pcgamer.com/call-of-duty-wwii-is-offline-due-to-a-security-issue/ [7] https://www.tomshardware.com/news/xbox-series-x-s-kernel-security,64456.html [8] https://www.ign.com/articles/microsoft-lays-off-staff-at-multiple-studio-locations-including-sledgehammer-games-and-raven-software
- The RCE exploit, initially observed in old Call of Duty titles like Black Ops III, was expediently utilized by hackers following Call of Duty: WWII's launch on PC Game Pass and Microsoft Store.
- Xbox Game Pass Ultimate continues to deliver day one Xbox games across multiple platforms, including Xbox consoles, PC, and Cloud-based devices, despite the PC issue.
- The unexpected shutdown of Call of Duty: WWII servers on PC Game Pass and Microsoft Store by Activision is a response to the escalating security threat posed by the RCE exploit.
- Microsoft's recent layoffs have affected several studios associated with Call of Duty, such as Sledgehammer Games, Raven Software, and High Moon, in addition to Disney's decision to close Lucasfilm Games.
- In lieu of a fix, players are urged to abstain from playing Call of Duty: WWII on PC Game Pass or Microsoft Store due to the persisting security risks.
- Given the challenges in maintaining older games on modern platforms securely, recent events underscore the importance of prioritizing updated security protections for game releases.
