Update WhatsApp's Desktop Client to Block a Remote-Access Vulnerability - WindowsTips.net - Windows Tips and Tricks with Geek

Sunday, October 18, 2020

Update WhatsApp's Desktop Client to Block a Remote-Access Vulnerability

WhatsApp is usually thought of as a secure messaging app, but while your messages might be safely encrypted, the service’s apps are as prone to security vulnerabilities as any others. And the latest WhatsApp bug is a big one. 

Security researcher Gal Weizman recently found a major vulnerability in the desktop versions of WhatsApp that could allow hackers install malware, see your messages, and even remotely access files stored on your PC simply by sending snippets of code through seemingly normal-looking messages. And according to the researchers who found the bug, it seems to have been exploited by hackers already.

In order for the attack to work, you have to first read a malicious message, so you’re probably safe unless you accept and open conversation requests from random users. While WhatsApp fixed this issue with a patch in December, you’ll want to make sure you’re running the latest version of the desktop client (especially if you haven’t used WhatsApp in some time). The vulnerability affects WhatsApp Desktop versions 0.3.9309 and earlier; you can download an updated version of WhatsApp Desktop for Windows and Mac here.

So what exactly caused such a massive bug in the first place, and how did it go unnoticed? Ars Technica’s report on the bug indicates the vulnerability is due to flaws in the Electron app framework Facebook uses for the WhatsApp desktop client, which allows for easier development and rollout between multiple platforms simultaneously. 

No comments:

Post a Comment