Do you use WhatsApp? You should pay close attention – it contained 6 critical vulnerabilities

The WhatsApp communication application is popular worldwide and used by approximately 1.5 billion users[1]. Its advantage is an easy use and relatively good communication between individual users. However, the vulnerabilities do not avoid even this application, detected in its source code.

WhatsApp has issued a warning about 6 critical vulnerabilities that allow:

• remote code execution while playing a specifically recorded push-to-talk message (both in the client for Android and for iPhone),
• remote code execution while displaying a message in the WhatsApp Desktop application,
• obtaining information from the device, including e-mails, browsing history and location,
• access to financial information on a victim’s device,
• taking control of the microphone and camera on a victim’s device.

Individual vulnerabilities are tracked as CVE-2020-1894, CVE-2020-1891, CVE-2020-1890, CVE-2020-1889, CVE-2020-1886 and CVE-2019-11928.

The National Cyber Security Centre SK-CERT recommends that all users update the WhatsApp application immediately:

• for devices with iOS to version 2.20.35 and higher,
• for Android devices to version 2.20.35 or higher or 2.20.20 and higher,
• for the application desktop version to version 0.3.4932 and higher.

Source

[1] https://www.businessofapps.com/data/whatsapp-statistics/

https://www.whatsapp.com/security/advisories/2020/?lang=sk

« Späť na zoznam