Two Outdated Software Bug Patched, Says WhatsApp

 

WhatsApp on Monday stated that it has addressed two bugs that existed on its outdated software program and that it had no cause to imagine that “these vulnerabilities were ever abused”. The official assertion got here within the wake of the latest advisory issued by the CERT-In, which cautioned WhatsApp customers about sure vulnerabilities within the app that might result in the breach of delicate info. CERT-In is the federal expertise arm for combating cyberattacks and guarding the online world.

According to this latest advisory, the vulnerability exists due to certain features on WhatsApp and thus allows hackers to access personal data like chats, images, videos, etc. by running malicious codes remotely. This vulnerability is linked “to a cache configuration issue and missing bounds check within the audio decoding pipeline.” 

“We regularly work with security researchers to improve the numerous ways WhatsApp protects people’s messages. As is typical of software products, we have addressed two bugs that existed on outdated software, and we have no reason to believe that they were ever abused,” a WhatsApp spokesperson informed PTI in a press release. 

The spokesperson added that WhatsApp “remains safe and secure, and end-to-end encryption continues to work as intended to protect people’s messages”.

An “excessive” severity rating advisory issued by the CERT-In, or the Indian Computer Emergency Response Team, on Saturday, had said that the vulnerability has been detected in the software that has “WhatsApp and WhatsApp Business for Android previous to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS previous to v2.21.32”. 

“Multiple vulnerabilities have been reported in WhatsApp applications which could allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system,” the advisory had stated. The advisory had really useful customers replace their units with the newest model of WhatsApp from the Google Play retailer or iOS App Store to counter the vulnerability menace.

After facing intense scrutiny in India over its upcoming privacy update, consumer protection agencies in Brazil have now asked the government to act on the May 15 privacy update that will allow Facebook to aggregate users' data across all of its platforms.