A critical flaw in WhatsApp allows remote control of the mobile: update as soon as possible

1664287906 1366 2000.webp.webp
1664287906 1366 2000.webp.webp

The patches on the apps are applied with the latest software updates, it is obvious; so, to keep applications secure it is essential to be up to date. Given the enormous amount of private data that moves in WhatsApp conversations, everything that concerns this messaging platform must be looked at with a magnifying glass.

As is recorded in the WhatsApp security space, Facebook has urgently corrected two serious bugs in the messaging application. Both allowed access to mobile phones that had the application installed; with the possibility of being controlled remotely and without the user knowing it. To do this, the attacker had to override code execution from a video call or after sending a modified video file.

WhatsApp specifies the two security bugs that it has fixed in the September updates:

  • CVE-2022-36934, a critical bug (severity of 9.8 out of 10). “An integer overflow in WhatsApp could lead to remote code execution in an established video call“.
  • CVE-2022-27492, highly dangerous error (severity of 7.8 out of 10). “An integer overflow in WhatsApp could have caused remote code execution upon receipt of a modified video file.”

The current WhatsApp applications have already been corrected against security flaws: it is enough to have them updated to version or higher (both WhatsApp and WhatsApp Business, both were vulnerable). In the event that the app has a version number below that mentioned, it is best to update it as soon as possible.

Update your WhatsApp as soon as possible if you haven’t downloaded a new version from Google Play for a while

To know the version number of WhatsApp, just follow the following process:

  • Open the app and go to settings.
  • Enter the “Help” menu.
  • Go to “App Info.”