Install the Latest WhatsApp Update to Fix a Serious Bug
WhatsApp users should go to the Google Play Store or App Store and make sure they have the latest version of the app, as the new update fixes a serious security bug that could allow hackers to inject malicious code onto devices through a seemingly innocent .MP4 video files.
Threatpost has a detailed explanation of the error, but the point is that hackers can damage the device’s memory by manipulating the metadata (such as title, copyright holders, etc.) of the MP4 video file. The attack is only possible when a malicious file is played on WhatsApp, which allows an attacker to take control of certain parts of the device and remotely install or execute code.
This threat can be mitigated by not opening messages or files from unknown contacts, but part of the problem is that files can come from anywhere – even from friends and trusted video uploads they don’t know they are, contain malicious metadata.
The good news about this attack vector is that WhatsApp has already patched the vulnerability in the latest app update, and it doesn’t seem to have been a big problem for its users. As a spokesperson told Threatpost:
“WhatsApp cares deeply about the privacy of our users, and we are constantly working to improve the security of our service. We are posting reports of potential issues that we have fixed in line with industry best practices. In this case, there is no reason to believe that users have suffered. “
In any case, you will be protected from error if you are using WhatsApp version 2.19.274 or higher on Android or version 2.19.100 or higher on iOS.