Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,140,577 members, 7,770,512 topics. Date: Tuesday, 19 March 2024 at 11:17 AM

Whatsapp Escaped Fixes Bug That Would Have Let Hackers Exploit Devices - Phones - Nairaland

Nairaland Forum / Science/Technology / Phones / Whatsapp Escaped Fixes Bug That Would Have Let Hackers Exploit Devices (588 Views)

Why Do Hackers Have Easy Access To Our Phones / How Facebook Bug Secretly Recorded Iphone Users / Whatsapp To Enable Users “unsend” Chat, Fixes Other Bugs (2) (3) (4)

(1) (Reply)

Whatsapp Escaped Fixes Bug That Would Have Let Hackers Exploit Devices by Peopleloaded: 10:41pm On Nov 18, 2019
WhatsApp has fixed a vulnerability involving malicious MP4 video files that could potentially allow an attacker to remotely access messages and files stored in the app.

The flaw — identified as CVE-2019-1193— made it possible for attackers to send a specially crafted MP4 file to remotely execute malicious code on the victim’s device without any intervention.

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS [denial of service] or RCE [remote code execution].

However, the presence of the flaw alone doesn’t mean it could be used for nefarious purposes. As is often the case, it can be an entry point for an exploit chain that links together a group of security vulnerabilities, thereby allowing a hacker to penetrate digital protections.

When we reached out for a response, a spokesperson for the company said, “WhatsApp is constantly working to improve the security of our service. We make public, reports on potential issues we have fixed consistent with industry best practices. In this instance there is no reason to believe users were impacted.”

The bug affected Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Windows Phone versions before and including 2.18.368, Business for Android versions prior to 2.19.104, and Business for iOS versions prior to 2.19.100.

While there’s no indication that the flaw was exploited, the disclosure comes weeks after WhatsApp revealed that

In the meantime, it’s crucial that you update WhatsApp to the latest version to protect yourself from any possible attacks.
See video below:-
https://www.peopleloaded.ng/2019/11/18/whatsapp-escaped-and-fixes-bug-that-would-have-let-hackers-exploit-devices-using-mp4-files/

(1) (Reply)

Iphone Xr / Neatly Used Tecno Camon Cm Needed Or Any 2gig Ram Phone (lagos Only) / Iqoo To Debut As An Independent Brand In India In March

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 8
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.