New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices


whatsapp hacking vulnerability

The recent controversies surrounding the WhatsApp hacking haven’t yet settled, and the world’s most popular messaging platform could be in the choppy waters once again.

The Hacker News has learned that last month WhatsApp quietly patched yet another critical vulnerability in its app that could have allowed attackers to remotely compromise targeted devices and potentially steal secured chat messages and files stored on them.

The vulnerability — tracked as CVE-2019-11931 — is a stack-based buffer overflow issue that resided in the way previous WhatsApp versions parse the elementary stream metadata of an MP4 file, resulting in denial-of-service or remote code execution attacks.

To remotely exploit the vulnerability, all an attacker needs is the phone number of targeted users and send them a maliciously crafted MP4 file over WhatsApp, which eventually can be programmed to install a malicious backdoor or spyware app on the compromised devices silently.

The vulnerability affects both consumers as well as enterprise apps of WhatsApp for all major platforms, including Google Android, Apple iOS, and Microsoft Windows.

According to an advisory published by Facebook, which owns…

http://feedproxy.google.com/~r/TheHackersNews/~3/Eww7jYHe3Qg/whatsapp-hacking-vulnerability.html



Source link

Leave a Comment

Your email address will not be published. Required fields are marked *

Social media & sharing icons powered by UltimatelySocial
error

Enjoy this blog? Please spread the word :)