Microsoft has fixed a critical security vulnerability in Age of Empires II: Definitive Edition that could have allowed attackers to take control of a player’s computer through a specially crafted multiplayer game invite.

The vulnerability was among the large number of security flaws addressed during Microsoft’s latest Patch Tuesday updates. According to security researchers, the bug could be triggered when a player joined a malicious game lobby and automatically accepted user-generated content, potentially leading to remote code execution.

Cybersecurity company Rapid7 said a successful attack could have allowed hackers to place malicious files on the victim’s computer and execute arbitrary code. In practice, this could have given attackers full control over the compromised system, enabling them to install malware, steal sensitive information, or carry out additional attacks.

A demonstration shared by security researcher Rick de Jager on X showed how the vulnerability could be exploited using a malicious multiplayer invitation. The flaw has been assigned CVE-2026-50663.

While there is currently no evidence that the vulnerability was exploited in real-world attacks, security experts warn that online games are attractive targets because they can expose large numbers of users to malware through multiplayer features and shared content.

Microsoft has released a security update to address the issue, and players are strongly encouraged to install the latest game updates as soon as possible to protect their systems.


Buy ExpressVPN with PayPal or Credit Card
Advertisement
READ
Australian Cyber Agency Warns of Global Attacks Targeting WordPress, Joomla, Craft CMS, and Other Websites