WhatsApp fixes a security vulnerability that affected its Android app
WhatsApp has published the details of critical security vulnerability that affected its Android app. This could have potentially allowed hackers to install malware on an Android smartphone, during a video call.
image for illustrative purpose
WhatsApp has published the details of critical security vulnerability that affected its Android app. This could have potentially allowed hackers to install malware on an Android smartphone, during a video call.
The company did not share any more details on the vulnerability but security firm Malwarebytes detailed the issue with a blog post. It also noted any WhatsApp or WhatsApp business app on iOS and Android prior to version 2.22.16.12 were affected with the issue.
"This RCE bug affects a piece of code in the WhatsApp component Video Call Handler," wrote MalwareBytes in its post. "which allows an attacker to manipulate the bug to trigger a heap-based buffer overflow and take complete control of WhatsApp Messenger."
A buffer overflow is a vulnerability that happens when an application runs out of memory, and begins writing in another adjacent memory region. In the right hands, this would allow hackers to execute and run malware or other malicious applications on a device.
In this case, a theoretical attack could have occurred using an infected video file, which would cause a overflow and allow threat actors to install malicious programs.