Facebook has just issued a severe security warning for WhatsApp users. A new vulnerability has been discovered in WhatsApp which might allow hackers to target someone by simply sending a malicious video file via WhatsApp. During the recent Pegasus attack that affected journalists and activists worldwide, all it took was a simple ‘missed call’ on WhatsApp to snoop on them. Now, it seems attackers might exploit a vulnerability by sending videos files
The victim will receive an MP4 media file which is maliciously crafted on WhatsApp from an unknown sender and this is where the ‘hacking’ starts. The MP4 file will most likely play as any other video file but in the background the hacker can execute a malicious code to get access to the victim’s phone.
The Indian Computer Emergency Response Team (CERT-In) is advising citizens to update to the latest WhatsApp version immediately. “Successful exploitation of this vulnerability could allow a remote attacker to cause Remote Code Execution (RCE) or Denial of Service (DoS) condition, which could lead to further compromise of the system,” CERT-In said.
How to check if you are safe or not from this vulnerability
The agency is warning users to upgrade to the latest WhatsApp version immediately. Android users must upgrade to WhatsApp version 2.19.274 at least. Apple iPhone users must upgrade to version 2.19.100.
To check the WhatsApp version on iPhone, go to Settings> tap on ‘Help’ and you will get to see the version number on top. For Android, go to Settings> tap on Help> go to ‘App info’.
This vulnerability also affects “WhatsApp Enterprise Client prior to 2.25.3, WhatsApp for Windows Phone prior to 2.18.368, WhatsApp Business for Android prior to 2.19.104 and WhatsApp Business for iOS prior to 2.19.100,” it said. All WhatsApp users are highly recommended to check which WhatsApp version they are using and get the latest version immediately.