WhatsApp discloses critical vulnerability in older app versions


Illustration of a number of green WhatsApp logos in black circles floating across a blue background
Illustration by Alex Castro / The Verge

WhatsApp has published details of a “critical” vulnerability that has been patched in a newer version of the app but could still affect older installations that have not been updated.

Details were disclosed in a September update of WhatsApp’s page on security advisories affecting the app and came to light on September 23rd.

The critical bug would allow an attacker to exploit a code error known as an integer overflow, letting them execute their own code on a victim’s smartphone after sending a specially crafted video call. Remote code execution vulnerabilities are a key step in installing malware, spyware, or other malicious applications on a target system, as they give attackers a foot in the door that can be used to further compromise…

Continue reading…



Source link