Another WhatsApp Vulnerability Could Allow Installation of Spyware Through MP4 Videos

Sharing videos on WhatsApp is a cool feature. However, due to a bug, this feature could have become a security threat for users. Facebook has recently revealed a WhatsApp vulnerability that could allow installing malware to target devices.

Facebook has disclosed a serious WhatsApp vulnerability that exposed users to potential malware attacks.

As disclosed in an advisory, the stack-based buffer overflow vulnerability existed in almost all WhatsApp versions for both the consumers and enterprise apps. To trigger the flaw, an attacker would simply have to send maliciously crafted MP4 videos to the target users.

Describing this vulnerability CVE-2019-11931, Facebook stated,

Exploiting the bug could allow the attacker to execute remote code. It also permitted the attacker to install spyware or any other malware to the victim’s device.

  • WhatsApp for Android versions prior to 2.19.274
  • WhatsApp for iOS versions prior to 2.19.100
  • Windows Phone versions including and prior to 2.18.368
  • WhatsApp Enterprise Client versions prior to 2.25.3
  • Business for Android versions prior to 2.19.104
  • Business for iOS versions prior to 2.19.100

You Might Also Like