WhatsApp patches video call vulnerability that could potentially let hackers gain complete access

By Digit NewsDesk | Published on Oct 11 2018
WhatsApp patches video call vulnerability that could potentially let hackers gain complete access
HIGHLIGHTS

A memory corruption bug in WhatsApp that affected the app on both Android and iOS was patched recently.

Make your home smarter than the average home

Make your life smarter, simpler, and more convenient with IoT enabled TVs, speakers, fans, bulbs, locks and more.

Click here to know more

Facebook can’t seem to catch a break from all the data leaks and it seems that WhatsApp also came close to being thrown under the bus. As per a ZDNet report, WhatsApp has fixed a serious vulnerability that was found by the end of August by Natalie Silvanovich, a security researcher with Google's Project Zero security research team. Silvanovich describes the flaw as a "memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation," which, as per the vulnerability researcher Tavis Ormandy from Google, translates to an exploit in the video calling features of the app that could potentially enable hackers to “complete compromise WhatsApp.”

As per Silvanovich’s bug report, both, the Android and iOS versions of the app were affected by the bug as they use Real-time Transport Protocol (RTP) for initiating a video call. The web version of the chat app is not affected as it uses WebRTC for the same. "Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet," states Silvanovich. "This issue can occur when a WhatsApp user accepts a call from a malicious peer."  This issue was fixed on September 28 for Android and on October 3 for iPhone users.

"WhatsApp cares deeply about the security of our users. We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable. We promptly issued a fix to the latest version of WhatsApp to resolve this issue," a WhatsApp spokesperson told ZDNet. As per the report, WhatsApp says that the vulnerability was never exploited to carry out an attack on any user but they are advised to update to the newer version, just to be safe.

Facebook-owned WhatsApp is considered to be safe till now as there have been no major data leaks or compromises, which we know of. On the other hand, Facebook recently announced that the account data of 50 million users was exposed as attackers used a “technical vulnerability” in the “View As” feature in their profiles. You can learn more about this Facebook episode here.

Videos

How to make group video calls on WhatsApp
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.