Call of Duty: WWII has been removed from the Xbox PC Game Pass platform just days after its release, following reports of a remote code execution (RCE) exploit affecting players. This exploit reportedly allows attackers to run malicious code on users’ PCs, causing a range of issues, from unexpected Notepad pop-ups to PC shutdowns and even changing desktop wallpapers to images of a lawyer.
Unlike typical cheats or hacks that interfere with gameplay, RCE vulnerabilities let attackers execute arbitrary code remotely through the game software itself. Online security firm Invicti defines RCE as a vulnerability enabling malicious actors to run code in the programming language used by the application from outside the system running it. These types of attacks are among the most dangerous cyber threats gamers can face.
Evidence of this exploit surfaced through several sources. Streamer Wrioh shared a clip on X showing their game freezing, followed by pop-up dialogue boxes and the desktop wallpaper switching to a man’s face. Another user, LasagneManne, claimed to have been offered this exploit for purchase and posted screenshots of the tool’s capabilities, which include traditional cheats such as kicking players and enabling God Mode, alongside the RCE features. Yikes.
I JUST GOT HACKED PLAYING WW2! EVERYONE DO NOT PLAY WW2 ON GAMEPASS! @Xbox @XboxSupport @Activision @charlieINTEL @CODUpdates @FaZeScope @Mobbing pic.twitter.com/I5pehK1kHK
— Wrioh (@WriohEdits) July 3, 2025
White hat group VX-Underground, known for its malware research (and an impressive collection of cat pictures), confirmed the exploit’s existence and described the trolling as involving Notepad pop-ups, PC shutdowns, and inappropriate content. They noted the wallpaper image is of a prominent lawyer hired by Activision to prosecute video game cheaters. According to VX-Underground’s admin, “Smelly,” the attacker could potentially deploy information-stealing malware, remote administration tools, or ransomware, though so far, it seems their goal is mainly to mess with players rather than cause serious harm.
Activision has not addressed the exploit directly but confirmed that the PC Game Pass version of the 2017 shooter was taken offline while they investigated the issue. The game remains available on Steam and Battle.net, but you may want to hold off on firing it up until this issue is resolved.
Wow, remote code exploits in a major title? It raises the question: how safe are we really when playing these big-name games on PC? And what does it say about the security of digital distribution platforms?
