A security hole found in the WhatsApp instant messaging application. This vulnerability allows hackers to send malicious code via MP4 format video files. This was explained by Facebook which is the parent of WhatsApp through a notification. In the notice that was released, the security hole was found in a number of versions of the WhatsApp application.
“This problem lies in the process of parsing MP4 metadata files and can be used for DoS (Denial of Service) or RCE (Remote Code Execution) attacks,” Facebook wrote in its announcement. In other words, the vulnerability can be exploited to do things like peek at a user’s message to take over the device.
Fortunately, WhatsApp has now fixed the security vulnerability through an update. The above problems are only found in the WhatsApp app version before 2.19.274 on Android, versions before 2.19.100 on iOS, and versions before 2.25.3 for Enterprise Client.
Then, the same security gap also exists in the WhatsApp app versions before and including 2.18.368 on Windows Phone, the WhatsApp Business app before 2.19.104 on Android, and WhatsApp Business versions before 2.19.100.
To be safe, if the WhatsApp application on a mobile phone is still older than the above versions, you should immediately make an update. WhatsApp said there was no sign of the security gap being exploited by hackers before it was patched, as summarized from The Next Web, Tuesday (11/19/2019).
“We make reports publicly about potential problems that have been fixed, in accordance with industry practice. In this case, we believe that users are not affected,” WhatsApp said in a statement.