WhatsApp patches a severe vulnerability that could have exposed your private messages
- The vulnerability was disclosed by security firm Check Point Research in November last year.
- WhatsApp patched it three months later, and claims that there is evidence that it had been exploited.
The vulnerability was first flagged by security firm Check Point Research, which alerted the Facebook-owned messaging service back in November last year. WhatsApp took three months to patch the security hole, with the roll out of WhatsApp v18.104.22.168 for Android.
WhatsApp claims that there is no evidence that the vulnerability was abused.
What is this vulnerability and how could it expose WhatsApp messages?
The vulnerability, known as “Out-of-Bounds read-write vulnerability”, was discovered by Check Point Research.
“Once we discovered the security vulnerability, we quickly reported our findings to WhatsApp, who was cooperative and collaborative in issuing a fix,” said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point.
“This report involves multiple steps a user would have needed to take and we have no reason to believe users would have been impacted by this bug. That said, even the most complex scenarios researchers identify can help increase security for users,” WhatsApp said in a statement.
Hackers could potentially exploit it by sending a malicious image file to you, and then asking you to send it back to them by applying an image filter in WhatsApp. This would trigger the vulnerability, allowing the hacker to exploit it and gain access to your WhatsApp messages and previously sent images and videos.
While the potential exposure itself is highly sensitive and concerning, it involves using a complex and elaborate set of steps to exploit the vulnerability.
How to prevent being exploited by these vulnerabilities
One of the best ways to avoid being exploited by hackers is to keep your apps and operating system up to date. Software updates usually consist of bug and security fixes, so it is important that you keep your devices and apps up to date.
Further, avoid interacting with strangers and people you don’t trust, especially when it involves sending attachments like documents, files, images or videos. These are some of the most common vectors used by hackers to exploit security vulnerabilities to gain access to your data.
Here’s how to fix Wi-Fi connection issues in Windows laptop
It’s been crazy following updates on Twitter — here’s all that happened in a week
Apple hit with antitrust case in India alleging its 30% commission is unfair for customers and app developers
Popular on BI
- Rishi Sunak on spending spree on skills, healthcare in UK Budget
- New IPL teams: BCCI expecting anything between ₹7,000-₹10,000 crore with Adani, Goenka, Aurobindo in fray
- Chip shortage hits new brands in tough Indian laptop market
- Petrol and diesel prices hiked again by 35 paise for fifth consecutive day across the country
- India vs Pakistan at ICC T20 World Cup: The ‘Men in Blue’ have a definite advantage in this one