Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

WhatsApp's malicious MP4 videos bug fixed in the latest update

18 November 2019 0

WhatsApp has released a new update that fixes a recently reported bug related to malicious MP4 video files. The bug would have allowed an attacker to exploit a vulnerability by sending a compromised MP4 video file. It would have made it possible for the attacker to access a victim's stored files and messages remotely.

The vulnerability is referred to as CVE-2019-11931 and if triggered, it could have resulted in remote code execution (RCE) and denial of service (DoS) cyberattack. It is reported that the malicious code can be triggered without requiring any action from the user's end which makes it even more dangerous.

In an official statement, Facebook said:

“A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”

To make sure that you are using a WhatsApp version containing the fix, look for the appropriate version number as mentioned below:

  • Android versions prior to 2.19.274
  • iOS versions prior to 2.19.100,
  • Enterprise Client versions prior to 2.25.3
  • Business for Android versions prior to 2.19.104
  • Business for iOS versions prior to 2.19.100
  • Windows Phone versions before and including 2.18.368

Your best bet is to visit the app store of the device you are using and check for any WhatsApp updates. If there is any pending update, make sure to install it as soon as possible.


0

comments

WhatsApp's malicious MP4 videos bug fixed in the latest update
Write a comment...
New products

MediaTek launches Helio G70 and Helio G70T SoCs for budget gaming phones

Tech

OnePlus unveils new 120Hz QHD OLED display, may come to OnePlus 8 Pro

Tech

Google Stadia reportedly working on non-Pixel phones as well

Samsung

Samsung's next foldable phone called Galaxy Z Flip, not Bloom | Report