A critical flaw in WhatsApp allows remote control of the mobile: update as soon as possible

0
1
WhatsApp Version
a critical flaw in whatsapp allows remote control of the

Two errors in the code of WhatsApp applications allow remote access to mobile phones that had these apps installed. The bugs, already corrected by Facebook, alluded to a serious problem and a critical one; which indicates the considerable risk that it implies for users. Despite being corrected it can still affect those who use WhatsApp without having updated it.

Having access to a free application as widely used as WhatsApp allows you to instantly obtain benefits that until fifteen years ago seemed almost like science fiction: being able to communicate with almost anyone in real time and in multiple ways, all free of charge. This extreme popularity of the platform paves the way for its use; with a somewhat dark side that should also be considered: attackers look for any loophole in WhatsApp security to get into phones.

Any version of WhatsApp lower than 2.22.16.12 is vulnerable

WhatsApp Version

The patches on the apps are applied with the latest software updates, it is obvious; so, to keep applications secure it is essential to be up to date. Given the enormous amount of private data that moves in WhatsApp conversations, everything that concerns this messaging platform must be looked at with a magnifying glass.

As is recorded in the WhatsApp security space, Facebook has urgently corrected two serious bugs in the messaging application. Both allowed access to mobile phones that had the application installed; with the possibility of being controlled remotely and without the user knowing it. To do this, the attacker had to override code execution from a video call or after sending a modified video file.

SEE ALSO  I miss Titanium backups - it's the only feature I would go back to ROOT for

WhatsApp specifies the two security bugs that it has fixed in the September updates:

  • CVE-2022-36934, a critical bug (severity of 9.8 out of 10). “An integer overflow in WhatsApp could lead to remote code execution in an established video call“.
  • CVE-2022-27492, highly dangerous error (severity of 7.8 out of 10). “An integer overflow in WhatsApp could have caused remote code execution upon receipt of a modified video file.”

The current WhatsApp applications have already been corrected against security flaws: it is enough to have them updated to version 2.22.16.12 or higher (both WhatsApp and WhatsApp Business, both were vulnerable). In the event that the app has a version number below that mentioned, it is best to update it as soon as possible.

Update your WhatsApp as soon as possible if you haven’t downloaded a new version from Google Play for a while

To know the version number of WhatsApp, just follow the following process:

  • Open the app and go to settings.
  • Enter the “Help” menu.
  • Go to “App Info.”

More information | WhatsApp
Via | TheVerge