A New WhatsApp Vulnerability Could Allow Spyware Installation Through MP4 Videos
- November 22, 2019
- Posted by: Mohamed Atef
- Category: News
Sharing videos on WhatsApp is a cool feature. However, due to a bug, this feature could have become a security threat for users. Facebook has recently revealed a WhatsApp vulnerability that could allow installing malware to target devices. WhatsApp Vulnerability Triggered Through MP4 Videos Facebook has disclosed a serious WhatsApp vulnerability that exposed users to potential malware attacks. As disclosed in an advisory, the stack-based buffer overflow vulnerability existed in almost all WhatsApp versions for both the consumers and enterprise apps. To trigger the flaw, an attacker would simply have to send maliciously crafted MP4 videos to the target users.
Exploiting the bug could allow the attacker to execute remote code. It also permitted the attacker to install spyware or any other malware to the victim’s device. Facebook Released The Patched Version Fortunately, Facebook have fixed the vulnerability with the release of WhatsApp updates rolled out on November 13, 2019. Therefore, if the users are running the following vulnerable app versions, they must ensure updating their respective devices accordingly.
- WhatsApp for Android versions prior to 2.19.274
- WhatsApp for iOS versions prior to 2.19.100
- Windows Phone versions including and prior to 2.18.368
- WhatsApp Enterprise Client versions prior to 2.25.3
- Business for Android versions prior to 2.19.104
- Business for iOS versions prior to 2.19.100
In October, Facebook also fixed another bug in WhatsApp that could allow hijacking chat sessions using malicious GIFs.