Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

WhatsApp's malicious MP4 videos bug fixed in the latest update

18 November 2019 0

WhatsApp has released a new update that fixes a recently reported bug related to malicious MP4 video files. The bug would have allowed an attacker to exploit a vulnerability by sending a compromised MP4 video file. It would have made it possible for the attacker to access a victim's stored files and messages remotely.

The vulnerability is referred to as CVE-2019-11931 and if triggered, it could have resulted in remote code execution (RCE) and denial of service (DoS) cyberattack. It is reported that the malicious code can be triggered without requiring any action from the user's end which makes it even more dangerous.

In an official statement, Facebook said:

“A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”

To make sure that you are using a WhatsApp version containing the fix, look for the appropriate version number as mentioned below:

  • Android versions prior to 2.19.274
  • iOS versions prior to 2.19.100,
  • Enterprise Client versions prior to 2.25.3
  • Business for Android versions prior to 2.19.104
  • Business for iOS versions prior to 2.19.100
  • Windows Phone versions before and including 2.18.368

Your best bet is to visit the app store of the device you are using and check for any WhatsApp updates. If there is any pending update, make sure to install it as soon as possible.



WhatsApp's malicious MP4 videos bug fixed in the latest update
Write a comment...

Best dual front camera smartphones that you can buy | July 2020


Galaxy Tab S7 and Tab S7+ renders show what's coming | UPD: Support page listing


OnePlus launches Y-series and U-series smart TVs in India, with price starting at Rs.12,999


Apple A12Z in Mac Mini under Rosetta outperforms Microsoft's ARM-based Surface Pro X