WhatsApp identifies new holes, warns of malicious MP4 file

India is WhatsApp's biggest market with 400 million users. The development comes just weeks after WhatsApp sued Israeli company, NSO group, over the alleged misuse of their spyware Pegasus, that was installed in the phones of 1400 users, including...

ICERT has issued a new vulnerability note, WhatsApp users are at risk again
NEW DELHI: WhatsApp has identified a vulnerability that could have been exploited through a malicious MP4 file. India's computer Emergency Response Team (Cert-in) described the vulnerability's severity rating as "high" and has advised users to update to the latest version of WhatsApp.

The vulnerability, identified as CVE-2019-11931, affected both Android and iOs systems but it is unclear if any users were impacted. The company has rolled out a security update.

"WhatsApp is constantly working to improve the security of our service. We make public reports on potential issues we have fixed consistent with industry best practices. In this instance, there is no reason to believe users were impacted," WhatsApp said in a statement on Sunday.


India is WhatsApp's biggest market with 400 million users. The development comes just weeks after WhatsApp sued Israeli company, NSO group, over the alleged misuse of their spyware Pegasus, that was installed in the phones of 1400 users, including at least 120 Indians. Many of those who were spied on were journalists, rights activists and lawyers.

In a post on it's securities and advisory page, WhatsApp's parent company Facebook confirmed the vulnerability on November 14. The post describes the vulnerability as "A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user."

Although this description is vague, Cert-in website gives more details. It states that the vulnerability can be "exploited by a remote attacker to execute arbitrary code on the target system."
ADVERTISEMENT
Download
The Economic Times Business News App
for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App
for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
READ MORE
ADVERTISEMENT

READ MORE:

LOGIN & CLAIM

50 TIMESPOINTS

More from our Partners

Loading next story
Text Size:AAA
Success
This article has been saved

*

+