WhatsApp, serious security bug discovered

Who I am
Marie-Ange Demory
@marie-angedemory
SOURCES CONSULTED:

support.microsoft.com

Author and references

A few hours ago the Zuckerberg team published an official safety notice regarding a bugs, critical that concerns WhatsApp. It is activated through ad hoc mp4 files. Let's find out more details.

Non aprite i file mp4 su WhatsApp

According to what was revealed, a potential hacker would be able to inject malicious code in smartphones, so as to provoke a Dos, or denial-of-service attack. By exploiting the flaw, it would also be possible to launch code remotely. What's really troubling about this whole thing is that no authentication is needed to perform the attack.



Precisely for this reason, the vulnerability in this case has been classified as critical, given the serious consequences that can potentially occur. The versions of WhatsApp affected by the attack are the following:

  • Android versions earlier than 2.19.274
  • IOS versions earlier than 2.19.100,
  • Enterprise Client versions prior to 2.25.3
  • Business for Android versions prior to 2.19.104
  • Business for iOS versions prior to 2.19.100
  • Windows Phone versions earlier and including 2.18.368

The WhatsApp bug should be fixed soon

CVE-2019-11931: this is how the WhatsApp bug was cataloged, which was discovered by an internal researcher of the platform, and not therefore by an external analyst as he had feared at the beginning. According to what was declared by Facebook, it should be solved shortly with a special fix.



It is not yet known whether the bug has been exploited or not, so updates will follow in the next few hours to understand the development of the situation.

add a comment of WhatsApp, serious security bug discovered
Comment sent successfully! We will review it in the next few hours.