WhatsApp offers a new update to its mobile application. It fixes a very important vulnerability.
It’s time to jump on Google Play and the App Store: WhatsApp released an update to its mobile application at the end of September which fixes a very critical security flaw. Good news: there is no indication suggesting active use of the breach by a malicious third party, Techcrunch reports on September 27, 2022. It is better, however, to close the opening as soon as possible.
A WhatsApp flaw exploitable during a video
WhatsApp did not elaborate on the details of the bug, apart from a brief security advisory published on its site. The bug message, referenced as CVE-2022-36934, refers to a behavior issue for the app on Android and iOS. In a specific circumstance, it may be possible to trigger the code remotely during an ongoing video call.
Clearly, it would be possible to install malicious software during a video, to dig into the smartphone. The bug takes advantage of a problem in the allocated memory to operate a calculation. Due to lack of space, the data overflows and overwrites other segments in memory. This data that is somehow out of scope may contain malicious code.
The malfunction is considered very serious, with a score of 9.8/10. This score is established according to a reference system which makes it possible to gauge the dangerousness of the faults. We look at how each breach behaves, what it allows to do or not, how to exploit it, the presence of countermeasures and so on. From 9/10, we speak of a critical flaw.
