This WhatsApp security flaw could have let hackers access all your chats
Although WhatsApp says The exploitation of the vulnerability was only theoretical
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A security vulnerability in popular messaging appWhatsApp’s image filter function, enabledcybersecurityresearchers to read sensitive information from the memory of the app.
According to a report by Check Point Research (CPR), malicious users could exploit the vulnerability by applying specific image filters to a specially crafted image.
As perrecent estimates,WhatsAppclocks about 2 billion active users every month andreportedlyferries over 55 billion messages daily, along with 4.5 billion photos, and one billion videos shared per day.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
“With over two billion active users, WhatsApp can be an attractive target for attackers. Once we discovered the security vulnerability, we quickly reported our findings to WhatsApp, who was cooperative and collaborative in issuing a fix,” said Oded Vanunu, Head of Products Vulnerabilities Research at CPR.
Bad image
CPR explains that image filtering is the process through which pixels of the original image are modified to achieve certain visual effects, such as blur or sharpen.
During their research study, CPR learned that switching between various filters on crafted GIF files caused WhatsApp to crash. Upon further investigation it was discovered that one of the crashes was CPR identified one of the crashes as the result of memory corruption.
CPR reported the problem to WhatsApp, who classified it as an out-of-bounds read and write issue, and tracked it as CVE-2020-1910, before deploying a fix in February 2021
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“We regularly work with security researchers to improve the numerous ways WhatsApp protects people’s messages, and we appreciate the work that Check Point does to investigate every corner of our app,” notedWhatsApp in a statement, adding that it saw no evidence of abuse related to this vulnerability.
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Don’t search for information on cats at work — you could be at risk of being hacked
This dangerous new malware is hitting Windows devices by hiding in games
Nvidia’s GeForce Now Priority membership has upgraded to ‘Performance’ - introducing a 1440p resolution and ultrawide support
