“WhatsApp fixed a serious bug that could be exploited using MP4 video files!”

The Context:

A classified stack-buffer overflow issue triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The flaw is also said to potentially allow an attacker to access the messages and data stored in the app remotely.

Buffer – A region in physical memory storage used to store data while it is being moved temporarily. That can be overwritten and allocated in the heap portion of memory.

Memory – A region of the process’s memory that is used to store dynamic variables.

The most popular instant messaging app in the world has lately fixed a vulnerability that involved the use of MP4 video files. This is the second exploit WhatsApp discovered in the past month. We cannot forget the NSO’s Pegasus spyware– keeping tabs on Indian Journalists and human rights activists via WhatsApp.

While there are no technical details revealed, according to Facebook, the problem was caused by how the encrypted messaging app parses.MP4 stream metadata.289569

The Risks:

The vulnerability is referred to as CVE-2019-11931, and if triggered, it could have resulted in Remote Code Execution (RCE) and Denial of Service (DoS) cyberattack. It can be an entry point for an exploit chain that links together a group of security vulnerabilities, allowing a hacker to penetrate digital protections.

The vulnerable video files are used to remotely execute malicious code on the victim’s device without any intervention. According to the researchers, the malicious code can be triggered without requiring any actions from the user’s end, which makes it even more dangerous.

The fix has been issued, but users who have not updated or downloaded the latest version of WhatsApp are still vulnerable to the hack.

As you can remember, last month, WhatApp revealed that a ‘significant’ number of activists and journalists were targeted with spyware reportedly developed by a firm. 1,400 WhatsApp users received a message warning of the campaign – advising to update to the latest version of the app.

6DE336E8 4968 4736 8B0D D9522A484AFF cx0 cy10 cw0 w1023 r1 s 1280x720

Mitigation:

WhatsApp, used by 1.5 billion people globally, is a popular messaging platform that peddles itself as a secure end-to-end encryption app for communications. It’s also true that there has been no evidence of the exploitation, according to an entity. The flaw is said to be encountered internally by WhatsApp.

The Vulnerability exists in WhatsApp Android versions prior to 2.19.274 and iOS version prior to 2.19.100. To make sure of that you are using WhatsApp version containing the fix, look for the version number below:

  1. Android versions prior to 2.19.274
  2. iOS versions prior to 2.19.100
  3. Enterprise Client version prior to 2.25.3
  4. Business for Android versions prior to 2.19.104
  5. Business for iOS versions prior to 2.19.100
  6. Windows Phone versions before and including 2.18.368

Or you can even visit the app store of your device you are using and check for any WhatsApp updates. If any pending update, install as soon as you encounter. The best thing you can do is keep yourself aware and updated on these new-age cyber phenomenons.

If you are interested in knowing more about day-to-day cyber attacks? Then you are at the right place at the right time! To know more, visit here!

This brings me back to the latest cyber leak, Magic: The Gathering, the makers, confirmed that a security breach exposed the data of hundreds of thousands of game players. The data breach included leaked users’ names, email addresses, and passwords. For more details, visit here!

Previous Coverage: