Beware, multiple vulnerabilities found in WhatsApp for iOS, warns CERT-In

Of late, Facebook-owned messaging platform WhatsApp has been in the news for all the good reasons but not this time. Some vulnerabilities are found in WhatsApp iOS version, a report by the Indian Computer Emergency Response Team (CERT-In) stated.  The report suggested that multiple vulnerabilities have been discovered in WhatsApp as well as WhatsApp Business for iOS. According to CERT-In report, these vulnerabilities could allow remote hackers or attackers to bypass security restrictions or execute arbitrary code on the target system.

As per the report, one of the many vulnerabilities that CERT-In discovered was in the Screen Lock feature in both WhatsApp for iOS due to improper authorisation of input. According to CERT-In hackers could exploit this vulnerability by using Siri to communicate even when the phone is locked.

Furthermore, CERT-In found another vulnerability in the logging library in WhatsApp and WhatsApp Business for iOS.  This, the report stated, could allow a remote attacker to exploit this vulnerability by sending a special animated sticker while placing a video call on hold, resulting in several events occurring together in sequence. As per CERT-In these vulnerabilities could “lead to memory corruption, denial of service conditions or execution of remote code.”

If you are a WhatsApp iOS user, there’s a way to prevent these vulnerabilities from attacking. To protect from these vulnerabilities users can just install the latest and updated version of WhatsApp and Business for iOS from the Apple App Store.

Besides incidents of hacking and stealing user data through the app, the messaging platform has been working hard to prevent the spread of misinformation on the platform. It introduced several small but useful features to combat the spread of unverified information on the platform. Just a few months ago, the platform limited participants for forwarded messages. It also launched a feature that allows users to check which information shared with them is accurate and which is not.

Go to Source

Leave a Reply

Your email address will not be published.