Tech

Two serious vulnerabilities discovered in WhatsApp Update as soon as possible!

Deepak GuptaSeptember 27, 2022
0

WhatsApp has published the details of two major vulnerabilities found in non-updated versions of the application. This means that the company responsible for the messaging service was already aware of the problems and that it has solved them, but if you are not using the latest version of the application, it would be convenient to update it as soon as possible.

The first vulnerability, which is tracked as CVE-2022-36934 and whose severity is 9.8 out of 10 (critical), consists of an integer overflowa common error that basically consists of trying to introduce a value into an integer type variable that is greater than the maximum that the variable can support, thus causing it to overflow.

In the case of the messaging service application owned by Meta, integer overflow is exploited by sending a specifically designed call by the attacker, thus opening the door to carry out remote attacks that can lead to the installation of malware on the operating system used by the victim’s device, which is often done through an escalation of privileges.

The second vulnerability, followed as CVE-2022-27492 and whose severity is 7.8 out of 10 (high), allows attackers to remotely execute code after sending a malicious video file. Unfortunately, multimedia files have been one of the most widely used means of spreading malware for many years, and the fact is that malicious actors, if they were not deceiving staff, would have little success in many cases.

Both vulnerabilities have been recently patched, so we recommend carry out an update process as soon as possible. The versions of WhatsApp affected are the following:

  • WhatsApp for Android v2.22.16.12 and earlier
  • WhatsApp Business for Android v2.22.16.12 and earlier
  • WhatsApp for iOS v2.22.16.12 and earlier
  • WhatsApp Business for iOS v2.22.16.12 and earlier

In both Android and iOS, the logical thing is to go to the application store and proceed to perform a standard update. However, the great freedoms granted by the Google system can mean that someone is using a custom ROM and obtaining the APK installer manually, so in this case we recommend uninstalling the application and reinstalling it in case the APK file does not work directly with the update.

We have other articles that may interest you:
  1. Can we know who accessed the 700,000 antigenic tests of French people who leaked?
  2. Xbox turns 20 and will celebrate with a special event: Date, time and what to expect
  3. Newskill Pyros Ivory Speed, review: smaller and faster
  4. Should you unsubscribe from Netflix?
  5. Download for free the legendary Super Mario movie remastered in 4K
  6. Phison shows the enormous performance of PCIe Gen5 SSDs
Deepak GuptaSeptember 27, 2022
0

Related Articles

LIVE A LIVE analysis, discovering a classic

August 17, 2022

Best Vacuum Cleaner Deals for AliExpress’s Birthday

March 30, 2022

Nearly 500,000 accesses to Fortinet’s VPN have leaked, including in France

September 9, 2021

PS4 sold twice as much as Xbox One, Microsoft finally admits defeat

August 16, 2022

Leave a Reply

Your email address will not be published. Required fields are marked *