WhatsApp is usually thought of as a secure messaging app, but while your messages might be safely encrypted, the service’s apps are as prone to security vulnerabilities as any others. And the latest WhatsApp bug is a big one.
Security researcher Gal Weizman
recently found a major vulnerability in the desktop versions of
WhatsApp that could allow hackers install malware, see your messages,
and even remotely access files stored on your PC simply by sending
snippets of code through seemingly normal-looking messages. And
according to the researchers who found the bug, it seems to have been
exploited by hackers already.
In order for the attack to work, you have to first read a malicious message, so you’re probably safe unless you accept and open conversation requests from random users. While WhatsApp fixed this issue with a patch in December, you’ll want to make sure you’re running the latest version of the desktop client (especially if you haven’t used WhatsApp in some time). The vulnerability affects WhatsApp Desktop versions 0.3.9309 and earlier; you can download an updated version of WhatsApp Desktop for Windows and Mac here.
So what exactly caused such a massive bug in the first place, and how did it go unnoticed? Ars Technica’s report on the bug indicates the vulnerability is due to flaws in the Electron app framework Facebook uses for the WhatsApp desktop client, which allows for easier development and rollout between multiple platforms simultaneously.
No comments:
Post a Comment