A malicious video file could easily hack your WhatsApp, but not anymore

WhatsApp is one of the largest messaging platforms among all other social media apps. People nowadays are so much dependable on communicating through WhatsApp that they hardly use local text messaging services at all. Whether it is a picture you want to send to your friend or some videos or some documents WhatsApp makes it all possible for you. Even though the social platform tries to bring new updates to fix bugs every once in a while but along with the launch of new technologies hackers also end up creating new ways to exploit these mobile apps.

A new Bug fixed by WhatsApp

Recently, it was revealed by Facebook that WhatsApp fixed a major bug that would have let bad actors easily exploit devices by using MP4 files. This vulnerability could easily allow an attacker to access the messages and files of users stored in the app and can send it to various third-parties but not anymore, all thanks to WhatsApp.

Detailed insight into the flaw

This flaw was detected as CVE-2019-11931 and with this loophole, attackers could send some specifically created video files to users and could release a malicious code in the device of the user without them even noticing anything at all. By sending these MP4 files attackers could trigger a stack-based buffer overflow in WhatsApp which could result in RCE (remote code execution) or DOS (denial of service). The availability of this loophole in the app doesn’t mean it could be only used for specific purposes. Sometimes, flaws like these can end up being an entry point for various exploits that could take place by allowing a hacker to access and crack various digital protections.

Response from WhatsApp regarding this Exploit

The company responded that WhatsApp is a platform that constantly attempts to make its user experience more secure than ever by improving the security of its service and the public reports about the potential issues are made when the exploits have already been fixed and there is no reason left to believe about any user being strongly affected from it anymore.


This bug impacted the Android versions before 2.19.274 and affected iOS versions before 2.19.100, Enterprise Client versions before 2.25.3 were affected, Windows phone versions before and also including 2.18.368 were detected with this bug. This bug was also detected in Business for Android versions before 2.19.104 and Business for iOS versions prior to 2.19.100.

Although there’s no official statement about the effects of this flaw but the reveal of these exploits also comes weeks after WhatsApp revealed about at least two dozen lawyers, Dalit activists, journalists in India being a victim of surveillance by operators of security firm NSO Group’s Pegasus spyware.

Bottom Line

We don’t know about the number of Android or iOS versions of WhatsApp that still have these bugs available, so it is very necessary to update your WhatsApp to the latest version so that it can reduce the risk of being another victim of exploit.

A (now fixed) malicious video file could easily hack your WhatsApp]

Read next: WhatsApp Updates Hint at Dark Mode, Added Security

Featured photo: Omar Marques/SOPA Images/LightRocket/Getty Images

No comments:

Post a Comment