Search

Attackers could access your WhatsApp files remotely.

A critical security flaw was recently found in the desktop version of WhatsApp, which has reportedly led attackers to insert JavaScript into messages and remotely access files from a Windows or a Mac computer. The flaw, which was first reported by PerimeterX researcher Gal Weizman, revealed a mix of multiple high-security vulnerabilities that exist within WhatsApp web. According to the report, the WhatsApp web vulnerability has been tracked as CVE-2019-18426, which allowed for cross-site scripting (XSS). The issue, which has reportedly been fixed by Facebook as of now, could be vulnerable to an open-redirect flaw that may lead to persistent cross-platform scripting attacks triggered by sending certain crafted messages to WhatsApp users. The report further stated that the vulnerabilities affect WhatsApp's desktop software from version 0.3.9309 and earlier, as well as people who connected the app with WhatsApp's iOS editions before 2.20.10. This is not the first WhatsApp bug reported in near past. Just a few months back, researchers at global cybersecurity firm Check Point had reported that WhatsApp carried a serious vulnerability in its phone app that led to group chat crash the moment a destructive message was introduced by the hackers in the chat, leading the entire group chat history being deleted forever. The solution: installing the latest version, or more precisely, deleting the app and reinstalling it on phone. The only way to steer clear of the recent vulnerability would be to update your desktop version and to consequently update the app on your Andorid and iOS phones to the latest version. Such vulnerabilities creep in to your app if you are not persistently updating it. 👨🏻‍💻 #cybersecurity #cybercrime #flaw #vulnerability #whatsapp #facebook #instagram #update #windows #mac #ios #android #attack #security #infrastructure #networking


0 views