WhatsApp fixes bug that put user privacy at risk

WhatsApp corrected an important vulnerability present in both the consumer and business modes, whereby a cyber attacker could take control of the device by taking advantage of a call.

The vulnerability was rated as 4 or high importance according to the National Institute of Cybersecurity (Incibe), which identified it in versions prior to WhatsApp for Android v2.21.23.2 and iOS v2.21.230.6; WhatsApp Business for Android v2.21.23.2 and iOS 2.21.230.7; and WhatsApp for desktop v2.2145.0.

This security problem “could allow a cybercriminal to read outside the limits of the stack (heap) during an established call”, as detailed on their website.

This means that the moment the user makes or receives a call through this application, a cyber attacker could access the device for remote control or to obtain data.

The vulnerability has already been corrected by WhatsApp and for this reason, Incibe urges users to update to the latest version of the ‘software’ in the different variants of the messaging ‘app’.

Source: dpa