OTHER

New WhatsApp vulnerabilities for iOS uncovered, CERT-In reports

The Indian Computer Emergency Response Team (CERT-In) warns Apple users of a glitch in the iPhone iOS. The vulnerability may expose WhatsApp users to cyberattacks.

“A new version of WhatsApp and WhatsApp Business for iOS was released to fix vulnerabilities that could allow the execution of malicious code, memory corruption and crashes”.

CERT-In

WhatsApp vulnerabilities on iPhone’s iOS

Attack via animated stickers

CERT-In warned that the vulnerability “was found in the logging library in WhatsApp and WhatsApp Business for iOS, due to what is called a ‘use-after-free’ error”.

A cyber attacker could cause havoc by sending a “specially crafted animated sticker” to the target while placing a WhatsApp video call on hold. That would result in several events occurring together in sequence.

Moreover, CERT-In adds that the attack could result in “memory corruption, denial of service conditions or execution of remote code”.

Siri vulnerability

CERT-In also warned of another vulnerability which could “could permit Siri to interact with WhatsApp even after the phone was locked”. According to IANS (India’s Largest Independent News Service):

“An attacker could exploit this vulnerability by using the Siri virtual assistant to communicate even after the phone is locked, said the note last week which carried a ‘high’ severity rating”.

Thus, the UAE’s Telecommunications Regulatory Authority (TRA) warned iPhone users to update their WhatsApp and WhatsApp Business apps in a bid to protect themselves against cybercriminals.

How to upgrade WhatsApp on iOS

CERT-In suggests updating WhatsApp regularly and to ensure your device is running on the latest software version. App developers implement bug fixes whenever they detect vulnerabilities such as these.

That said, the responsibility rests with us as users to update our apps. A WhatsApp spokesperson previously explained to Forbes that the team is “constantly working to improve security” of their services:

“We make public reports on potential issues we have fixed consistently with industry best practices. In this instance, there is no reason to believe users are impacted.”

How to update on iPhone, iPad, or iPod touch

WhatsApp can updated directly from the Apple App Store. If your iOS software is outdated, it won’t do any harm to update that as well.

  1. Plug your device into power and connect to the Internet with WiFi.
  2. Go to Settings, then General, then tap Software Update.
  3. Tap Download and Install.
  4. To update immediately after download, tap Install.
  5. You might need to enter your passcode to proceed.

There are several other ways to secure your WhatsApp account, including end-to-end user encryption, and knowing how to identify a suspicious link. Read more here.

Lastly, trusted WhatsApp beta tester, WA Beta Info, confirms that WA developers are fine-tuning a new “biometric lock” for Android devices. This will further ensure your privacy and safety.

The Biometric Lock feature will, when enabled, require our fingerprint, face or “other unique identifiers” to open the Facebook-owned messaging app. The new feature will be replacing the current “Fingerprint Lock”.

DMCA.com Protection Status

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *