Social Media

Cyber agency cautions users against weaknesses detected in WhatsApp

PTI New Delhi | Updated on April 18, 2021

Expert say these weaknesses ‘exist in WhatsApp applications due to a cache configuration issue and missing bounds check within the audio decoding pipeline’

The country's cyber security agency has cautioned WhatsApp users about certain vulnerabilities detected in the popular instant messaging app that could lead to breach of sensitive information.

A “high” severity rating advisory issued by the CERT-In or the Indian Computer Emergency Response Team said the vulnerability has been detected in software that has ‘WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32.’ The CERT-In is the national technology arm to combat cyber attacks and guarding the Indian cyber space.

Also read: Open banking may potentially pose significant risks: RBI Dy Guv Rao

“Multiple vulnerabilities have been reported in WhatsApp applications which could allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system,” the advisory said.

Describing the risk in detail, it said that these vulnerabilities “exist in WhatsApp applications due to a cache configuration issue and missing bounds check within the audio decoding pipeline.” “Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code or access sensitive information on a targeted system,” it said.

Also read: Upstox data breach: A wake up call for market intermediaries

The advisory added that users of the app (application) should update the latest version of WhatsApp from Google Play store or iOS App Store to counter the vulnerability threat.

Published on April 17, 2021

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor