September 28, 2022, 04:25 PM
Follow us on Telegram for the latest updates: https://t.me/mothershipsg
The Singapore Computer Emergency Response Team (SingCert) has urged WhatsApp users to immediately update their applications.
The advisory issued on Sep. 28 said updating the mobile app is to address security flaws that could result in it being completely controlled by attackers.
WhatsApp users have to download the latest versions of the app, even though there are no reports of active exploitation of the remote code execution vulnerabilities.
There are two remote code execution vulnerabilities.
An attacker can exploit one of the vulnerabilities during a video call with a targeted user to take complete control of their WhatsApp application.
An attacker can also send a specially-crafted video file to targeted users and convince them to play it and then take complete control of their WhatsApp application.
The first vulnerability affects the following versions of the app:
- WhatsApp for iOS and Android prior to v2.22.16.12
- WhatsApp Business for iOS and Android prior to v2.22.16.1
The second vulnerability affects the following versions of the app:
- WhatsApp for Android prior to v2.22.16.2
- WhatsApp for iOS v2.22.15.9
SingCert also urged users to enable automatic updates to ensure their applications are updated promptly.
Top photo via Unsplash
If you like what you read, follow us on Facebook, Instagram, Twitter and Telegram to get the latest updates.