WhatsApp Users Beware: If you are active on WhatsApp then there is a bad news for you. Hackers have an eye on your chat and they can also take big steps. CERT-In has alerted the users and told how to avoid …
CERT-In Warns WhatsApp Users: WhatsApp is the most used messaging platform worldwide. While it is known to roll out several new features from time to time to enhance the user experience, the app is now in the news for serious security bugs and vulnerabilities. The app has reported a vulnerability that could allow hackers to exploit users’ data. In addition, the Indian cyber security nodal agency CERT-In has also issued a high-security alert that warns users about the vulnerability that could lead to user data loss. As per information shared by WhatsApp and CERT-in, this bug affects Android and iOS versions of the app prior to v188.8.131.52.
WhatsApp’s New Security Vulnerability
Dubbed as CVE-2022-36934: Integer Overflow Bug and CVE-2022-27492: Integer Underflow Bug can help attackers execute arbitrary code on both Android and iOS devices. A malicious actor can take control of a user’s device by sending a specially crafted video file, which will allow them to execute arbitrary code. They can execute commands remotely on someone else’s computing device. Typically, Remote Code Execution (RCE) is caused by malicious malware downloaded by the host. This can happen regardless of the geographic location of the device. These two vulnerabilities were detected by WhatsApp’s internal security team and marked as “critical” and got a score of 10/10.
How can these vulnerabilities affect users’ devices?
As reported by Cyberspace News, the hacker can exploit these vulnerabilities to carry out the illegal activities mentioned below-
1. Launching malware
2. Stealing sensitive data
3. Monitoring user movements
4. Entire device To hack
how to stay safe
WhatsApp is not new to these vulnerabilities and it rolls out patches with the latest versions of the app. You just have to update to the latest version of the app to make sure there is no security threat.