WhatsApp Fixes Bug That Let Hackers Take Over App When Answering a Video Call (zdnet.com)

WhatsApp developers have fixed a bug in the Android and iOS versions of the WhatsApp mobile app that allowed hackers to take over the application when users answered an incoming video call. From a report: Natalie Silvanovich, a security researcher with Google’s Project Zero security research team, discovered the WhatsApp vulnerability at the end of August. She described the vulnerability as a “memory corruption bug in WhatsApp’s non-WebRTC video conferencing implementation.” “Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet,” Silvanovich said in a bug report. “This issue can occur when a WhatsApp user accepts a call from a malicious peer.” It is unclear how popular the video feature is on WhatsApp, which is used by more than 1.2 billion users. But in July, the company said users were spending over two billion minutes on calls (including voice) each day.

Powered by WPeMatico