WhatsApp users may maybe maybe additionally calm hit up the Google Play Retailer or the App Retailer and be sure that they’re running the most modern model of the app, as a new update fixes a serious security bug that will maybe maybe let hackers depart malicious code onto devices through apparently innocent .MP4 video recordsdata.
Threatpost has an intensive rationalization of the bug, but the gist is that hackers can execrable a tool’s memory by manipulating the metadata (files love the title, rights holders, etc.) of an MP4 video file. The attack is easiest possible when the malicious file is played in WhatsApp, which can then allow the attacker to mediate control of inch parts of the tool and install or cease code remotely.
This threat may maybe maybe additionally be mitigated by not opening messages or recordsdata from unknown contacts, but fragment of the order is that the recordsdata can come from any place—even from contacts you perceive and belief forwarding a video they’re unaware has malicious metadata.
The lawful info about this attack vector is that WhatsApp has already patched the vulnerability in the most modern app update, and it doesn’t appear to agree with been a nice order for its users. As a spokesperson told Threatpost:
“WhatsApp cares deeply concerning the privacy of our users and we’re repeatedly working to toughen the safety of our carrier. We produce public reports on capacity points we agree with mounted consistent with industry easiest practices. On this instance there may be not any motive to think users were impacted.”
Regardless, you’ll be apt from the bug for people who’re running WhatsApp model 2.19.274 or
Screenshot: David MurphyIf you’re a Windows user, all Patch Tuesdays should be important, save for those instances where Microsoft borks a patch and actually makes your Windows system worse than it was previously. Getting the latest feature and security updates for your system—mostly the latter—should be something you look forward to each month. But today’s…