WhatsApp Bug That Let Hackers Use MP4 Files to Exploit Devices Fixed
Many users believe WhatsApp is one of the most secure messaging service on the planet, but recent reports seem to suggest otherwise. After reports of WhatsApp being used to spy on users in India, Facebook (WhatsApp's parent visitor) has at present disclosed that an exploit allowing remote code execution has been patched. Previously, hackers could exploit this loophole, using an MP4 video file, to execute the assault and gain access to your personal data.
Facebook has revealed the vulnerability (which is tagged every bit CVE-2019-11931) in a recent security informational report. Information technology immune hackers to employ specially-crafted MP4 video files (which look seemingly standard) to remotely execute malicious code on your devices without your knowledge. Non a whole lot of details take been doled out hither but the issue was caused by how WhatsApp parses MP4 videos inside your conversations.
Facebook elaborates on the vulnerability proverb, "A stack-based buffer overflow could be triggered in WhatsApp by sending a peculiarly crafted MP4 file to a WhatsApp user. The upshot was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS [denial of service] or RCE [remote code execution]."
This vulnerability exists in WhatsApp Android versions prior to 2.19.274 and iOS versions prior to two.nineteen.100. Windows Telephone versions before and including ii.18.368 and WhatsApp Business versions prior to 2.xix.104 on Android and prior to two.19.100 on iOS are affected.
"WhatsApp is constantly working to ameliorate the security of our service. We make public reports on potential bug nosotros have fixed consistent with industry best practices. In this example, there is no reason to believe that users were impacted," confirms a Facebook spokesperson.
Facebook suggests updating WhatsApp to the newest software build to avoid the risk of hackers exploiting your personal data. In that location are no reports of the exploit being actively used at the moment. This is the second exploit that WhatsApp has disclosed in the past calendar month. There's no mode we forget the use of NSO's Pegasus spyware for keeping tabs on Indian journalists and human being rights activists via WhatsApp.
Source: https://beebom.com/whatsapp-bug-mp4-file-exploit-fixed/
Posted by: greenpuntore.blogspot.com
0 Response to "WhatsApp Bug That Let Hackers Use MP4 Files to Exploit Devices Fixed"
Post a Comment