A major WhatsApp bug allows hackers to access your information and details. Reportedly, these attackers are using MP4 files to make the software vulnerable.
According to ZDNet, Facebook has disclosed the existence of a severe vulnerability leading to remote code execution attacks in WhatsApp messaging software.
the tech giant further shared that the bug tracked as CVE-2019-11931, is a stack-based buffer overflow issue that can be triggered by attackers sending crafted MP4 video files to victims.
Although not many technical details were made available about this corrupt file, Facebook has assured users that the problem was caused by how the encrypted messaging app parses MP4 elementary stream metadata.
If these codes are exploited, they can lead to denial-of-service (DoS) or remote code execution (RCE) attacks, causing a device and the software to become vulnerable.
Users are being encouraged to update their software to minimize the risk of exploitation.
On the other hand, a spokesperson shared:
WhatsApp is constantly working to improve the security of our service. We make public reports on potential issues we have fixed consistently with industry best practices. In this instance, there is no reason to believe that users were impacted.
Earlier in October, the free messaging-application witnessed something familiar when users’ accounts became hacked through a double-free vulnerability, CVE-2019-11932, which could be used in attacks for compromising chat sessions, files, and messages.
Once installed on the user’s phone, the malware sent corrupted GIF files to its targets.