remote code execution Archives

AppWizard

July 10, 2025

Activision pulls game after PC hacking reports

Activision has removed Call of Duty: WWII from the Microsoft Store and PC Game Pass due to reports of hackers exploiting a critical vulnerability in the game's PC versions. Players experienced hijacked computers during gameplay, with evidence of remote code execution attacks. An outdated and insecure build of the game was uploaded to Microsoft’s services, despite having been patched on other platforms. The game is still accessible via Steam and console versions. Activision has not reinstated access to the game and is investigating the security breach.

Winsage

July 10, 2025

If you haven’t upgraded to Windows 11 24H2 yet, Microsoft’s giving you a good reason to do so

Microsoft has rolled out version 24H2 of Windows 11, enhancing its security framework by updating the scripting engine from JScript to JScript9Legacy. This upgrade improves performance for applications and web pages using JScript and reduces the likelihood of security breaches, particularly from cross-site scripting (XSS) and web-based attacks. The new engine features enhanced management of JavaScript objects and stricter execution policies, increasing resilience against malicious scripts. Windows 11 24H2 has a more robust security posture than its predecessor, 23H2, and the upgrade will become compulsory. Windows 11 25H2 is expected to include similar security improvements.

AppWizard

July 10, 2025

Call of Duty: WWII pulled from PC Game Pass after hackers hijack players’ PCs

Activision has removed Call of Duty: WWII from the Microsoft Store and PC Game Pass due to reports of player hacks linked to a critical security vulnerability that allowed hackers to gain remote access to players' computers. This issue arose shortly after the game's introduction to Microsoft’s Game Pass in late June 2025, with players experiencing computer freezes, unexpected command prompts, shutdowns, and direct messages from hackers. The vulnerability, known as Remote Code Execution (RCE), was present in the outdated version on the Microsoft Store, while the Steam version had been patched. Activision has not provided details on the removal or a timeline for the game's return, and players are advised against downloading it from any platform until security concerns are addressed.

Winsage

July 10, 2025

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)

Microsoft released patches for 130 vulnerabilities in the July 2025 Patch Tuesday update. Notable vulnerabilities include CVE-2025-49719, an uninitialized memory disclosure in Microsoft SQL Server, and CVE-2025-47981, a wormable remote code execution flaw in Windows. CVE-2025-49719 is assessed as having "unproven" exploit code, while CVE-2025-47981 has a high likelihood of exploitation within 30 days. Other vulnerabilities include CVE-2025-49717, a buffer overflow in SQL Server, and CVE-2025-49704, which allows code injection in SharePoint. Additionally, updates address vulnerabilities in Windows Routing and Remote Access Service (RRAS) and Microsoft Edge, including CVE-2025-6554, which has been actively exploited. Administrators are advised to prioritize patching internet-facing assets and consider additional mitigations for RRAS vulnerabilities.

AppWizard

July 9, 2025

Activision pulls Call of Duty game after PC players are hacked

Activision has removed Call of Duty: WWII from the Microsoft Store and Game Pass due to security breaches affecting players. The game is offline while the publisher investigates reports of hacks experienced by PC users. It remains available on Steam and other consoles. Players have reported significant security threats, including a video from streamer Wrioh demonstrating hacking incidents. The version of the game on Microsoft’s platforms reportedly contained an outdated flaw.

Winsage

July 9, 2025

Microsoft Patch Tuesday, July 2025 Edition

Microsoft has released updates addressing 137 vulnerabilities across its Windows operating systems and supported software, with 14 classified as "critical." CVE-2025-49719 is a publicly disclosed information disclosure flaw affecting all SQL Server versions since 2016, posing a supply-chain risk due to its potential exploitation without authentication. SQL Server 2012 has reached its end of life, meaning no future security patches will be available. CVE-2025-47981 is a critical remote code execution vulnerability with a CVSS score of 9.8, affecting Windows clients and Windows Server. Microsoft also addressed four critical remote code execution vulnerabilities in its Office suite, including CVE-2025-49695 and CVE-2025-49696, which can be triggered through the Preview Pane. Other high-severity vulnerabilities include CVE-2025-49740, which could bypass Microsoft Defender SmartScreen, and CVE-2025-47178, allowing attackers to execute arbitrary SQL queries with minimal privileges. Adobe has also released security updates for various software, and users are advised to back up data before installing patches.

Winsage

July 9, 2025

Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws

A series of vulnerabilities have been identified affecting AMD and Microsoft products, with several classified as critical. For AMD: - CVE-2025-36357: A critical transient scheduler attack in the L1 Data Queue. - CVE-2025-36350: A critical transient scheduler attack in the Store Queue. For Microsoft Office: - CVE-2025-49697: A critical remote code execution vulnerability. - CVE-2025-49695: A critical remote code execution vulnerability. - CVE-2025-49696: A critical remote code execution vulnerability. - CVE-2025-49702: A critical vulnerability requiring urgent remediation. Additional important vulnerabilities in Microsoft components include: - CVE-2025-47988: A remote code execution vulnerability in the Azure Monitor Agent. - CVE-2025-49690: An elevation of privilege vulnerability in the Capability Access Management Service. - CVE-2025-48816: An elevation of privilege vulnerability in the HID Class Driver. - CVE-2025-47178: A remote code execution vulnerability in Microsoft Configuration Manager. In the Windows ecosystem: - CVE-2025-49685: An elevation of privilege vulnerability in the Windows Search Component. - CVE-2025-49666: A remote code execution vulnerability in the Windows Kernel. - CVE-2025-49688: A remote code execution vulnerability in the Windows Routing and Remote Access Service.

Winsage

July 9, 2025

Microsoft Patch Tuesday addresses 130 vulnerabilities, none actively exploited

Microsoft addressed a total of 130 vulnerabilities in its latest Patch Tuesday initiative. A significant vulnerability in SQL Server, identified as CVE-2025-49719, has a CVSS score of 7.5 and is due to improper input validation, potentially allowing unauthorized access to sensitive data. It affects SQL Server versions from 2016 to 2022. Another critical vulnerability, CVE-2025-47981, has a CVSS score of 9.8 and allows unauthenticated remote code execution without user interaction. This vulnerability poses a high risk due to its low attack complexity and potential for lateral movement within networks. Additionally, the update includes 16 vulnerabilities affecting Microsoft Office, with four categorized as more likely to be exploited.

AppWizard

July 8, 2025

Activision took down Call of Duty game after PC players hacked, says source

Activision has temporarily removed the Microsoft Store version of “Call of Duty: WWII” due to a serious security breach involving a vulnerability that allowed hackers unauthorized access to players' computers. The company is investigating the situation and is working on a patch to resolve the exploit. Players have reported hacking incidents while playing, with concerns raised about a remote code execution vulnerability. The affected version of the game differs from those on Steam, as it contained an outdated flaw that had already been patched elsewhere. Activision has faced multiple hacking incidents in recent years, including issues with its anti-cheat system and malware targeting players. The company has also experienced layoffs that have impacted its cybersecurity resources.

AppWizard

July 8, 2025

Call of Duty: WW2 on PC Game Pass yanked offline amid reports security exploits are leaving players with screens full of smut

Activision has temporarily removed the PC Game Pass version of Call of Duty: WW2 due to reports of an unspecified issue, with concerns raised about a potential remote code execution (RCE) exploit causing disruptive app pop-ups, unexpected PC shutdowns, and inappropriate content. The game is unavailable on both the Game Pass and Microsoft Store but remains accessible on Steam and Battle.net. Community feedback indicates that the game may be vulnerable to RCE exploits, allowing malicious actors to execute harmful code on players' systems. A notable incident involved streamer Wrioh, who reported being "hacked," with a video showing a pop-up claiming, "just RCE'd your ass," and a change to their desktop wallpaper. The VX-Underground malware research collective shared images of an alleged RCE attack, highlighting an "unpatched RCE exploit" and instances of trolling with pop-ups and inappropriate content. VX-Underground speculated that the attacker could deploy various forms of malware, though their primary intent seems to be creating chaos. As of now, Call of Duty: WW2 for PC Game Pass and the Microsoft Store remains offline, with no updates from Activision on its return.