A dangerous bug has been discovered on WhatsApp that could cause severe damage to your device and the data.
#TECH: The Indian Computer Emergency Response Team (CERT) has taken note of a vulnerability in WhatsApp that allowed a remote attacker to target phones by sending a compromised video file in MP4 file format.
Facebook has revealed that WhatsApp users could be under threat from malicious files this after a weakness that could see malware planted on devices. The threat under the Vulnerability Note CIVN-2019-0181 has been categorised in the ‘High Severity’ category. The WhatsApp issue impacts Android and iOS users, according to the advisory put out by the company and CERT.
It is believed a specially-crafted MP4 file received on Whatsapp could make users’ phones or devices vulnerable to malware.
“A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. A remote attacker could exploit this vulnerability by sending a specially crafted MP4 file to the target system.”Whatsapp security message
The new threat is reported to trigger a buffer overflow conditions leading to the execution of arbitrary code by the attacker. Also, the exploitation does not require any form of authentication from the victim end. It executes on downloading of a malicious crafted MP4 file on the receiver’s system, which can be sent by anyone who has access to a user’s mobile phone number being used for WhatsApp.
The security message says, “Successful exploitation of this vulnerability could allow the remote attacker to cause Remote Code Execution (RCE) or Denial of Service (DoS) conditions, which could lead to further compromise of the system.”
A RCE attack is usually used to run malware on the device, and the attack is used to steal information from the device, without the user knowing.