WhatsApp patches a severe vulnerability that could have exposed your private messages
- The vulnerability was disclosed by security firm Check Point Research in November last year.
- WhatsApp patched it three months later, and claims that there is evidence that it had been exploited.
AdvertisementPopular messaging service WhatsApp has patched a severe vulnerability in its app that could have allowed malicious third-parties to access sensitive user data, including your private messages.
The vulnerability was first flagged by security firm Check Point Research, which alerted the Facebook-owned messaging service back in November last year. WhatsApp took three months to patch the security hole, with the roll out of WhatsApp v22.214.171.124 for Android.
WhatsApp claims that there is no evidence that the vulnerability was abused.
What is this vulnerability and how could it expose WhatsApp messages?
The vulnerability, known as “Out-of-Bounds read-write vulnerability”, was discovered by Check Point Research.
“Once we discovered the security vulnerability, we quickly reported our findings to WhatsApp, who was cooperative and collaborative in issuing a fix,” said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point.
“This report involves multiple steps a user would have needed to take and we have no reason to believe users would have been impacted by this bug. That said, even the most complex scenarios researchers identify can help increase security for users,” WhatsApp said in a statement.
Hackers could potentially exploit it by sending a malicious image file to you, and then asking you to send it back to them by applying an image filter in WhatsApp. This would trigger the vulnerability, allowing the hacker to exploit it and gain access to your WhatsApp messages and previously sent images and videos.
While the potential exposure itself is highly sensitive and concerning, it involves using a complex and elaborate set of steps to exploit the vulnerability.
How to prevent being exploited by these vulnerabilities
AdvertisementOne of the best ways to avoid being exploited by hackers is to keep your apps and operating system up to date. Software updates usually consist of bug and security fixes, so it is important that you keep your devices and apps up to date.
Further, avoid interacting with strangers and people you don’t trust, especially when it involves sending attachments like documents, files, images or videos. These are some of the most common vectors used by hackers to exploit security vulnerabilities to gain access to your data.
Here’s how to fix Wi-Fi connection issues in Windows laptop
It’s been crazy following updates on Twitter — here’s all that happened in a week
Apple hit with antitrust case in India alleging its 30% commission is unfair for customers and app developers
Popular on BI
- A 24-year-old stock trader who made over $8 million in 2 years shares the 4 indicators he uses as his guides to buy and sell
- Financial inclusion made easy for India’s small merchants with Paytm’s pioneering QR codes and Soundbox
- This frequent flyer who's been 'skiplagging' for a decade says she has 'no remorse and no angst'
- Highest strike rate in IPL 2023: Rahane beats Jaiswal; SKY only Indian in top four
- Godrej Group arm to invest ₹100 crore to acquire material handling equipment to be rented out
- These are must to do activities in Lonavala on your next visit
- Inox Wind gets 150-MW wind energy project from NTPCREL
- RBI’s gold holdings jump over 17% to a whopping ₹2,30,734 crore