The most widely used application in Spain and other countries for instant messaging is whatsapp. Cybercriminals know that checking the security of the application is very important, in order to exploit bugs and infect different smartphones. If you use this application for Android or iOS, you should know that both versions of the application are affected by two serious security flaws that could allow your smartphone to be hacked, which is really serious. Next, we explain what these vulnerabilities consist of and which version of WhatsApp solves the problem.
What do these security flaws do on the mobile
A serious security flaw cataloged as CVE-2022-27492this security flaw consists of a integer underflow in the application, this could lead to remote code execution upon receiving a specially crafted video file. This means that a possible cyber criminal could send a specially crafted video file in order to exploit this flaw security, and then execute arbitrary code on our smartphone, which could completely compromise it. This security flaw has a CVSS score of 7.8/10, so it is in the “high severity” realm. The app development team has already released a new version solving this problem, both for Android and iOS.
The other security flaw present in previous versions of WhatsApp is the one classified as CVE-2022-36934this security flaw is similar to the previous one, it consists of a integer overflow in the application, and could lead to remote code execution to take control of our mobile. In this case, instead of sending us a video via WhatsApp, it could be done through a video call with any contact. In this case, this security flaw has a score of 9.8/10 on the CVSS scale, so it is in “critical severity”, the highest there is. The WhatsApp team has also fixed this bug in the latest version.
Versions of WhatsApp with the problem solved
Both security flaws have been fixed in the latest version of WhatsApp, both for Android and iOS smartphones, in addition, the second security flaw (which is the most serious), was also present in the “Business” version of the application, so it is essential that you update as soon as possible. All the following versions of the application are free from this serious security flaw, and logically the following versions too:
- WhatsApp for Android: 2.22.16.12
- WhatsApp for iOS: 2.22.16.12
- WhatsApp Business for Android: 2.22.16.12
- WhatsApp Business for iOS: 2.22.16.12
It is essential that you make sure that you have the latest version of WhatsApp installed on your terminal. To see which version you are using, you must go to the «Settings / Help / Application Info«, if you do not have these versions or higher, you will be affected by these serious security flaws. In our case, we have version 2.22.19.76 installed for Android, which does not have these security flaws that are explained, if you have not updated the application for more than two or three weeks, you should check if you have an update in the official store Of applications.
