There’s a critical warning for WhatsApp users, and now is a very good time to check your settings and make sure things are fully up to date. The new alert affects those using older versions of WhatsApp via their Windows PCs, and not updating could put personal data at risk of being stolen. It’s been confirmed that the vulnerability found within this popular chat app could allow hackers to execute something called arbitrary code. This nasty attack is hidden within what appear to be harmless attachments.
For those not in the know, if an arbitrary code attack succeeds, it can give cyber crooks unauthorised access or even full control of devices, which is definitely something we all want to avoid.
“A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension,” WhatsApp explained.
“A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp.”
The glitch has since been fixed, but it’s vital that Windows users – who send messages via WhatsApp – now make sure that their software is fully updated to the very latest version. Once the patch has been installed, files and data will then be safe again.
“It’s really important to stress that this WhatsApp vulnerability impacts Windows desktop users,” explained Adam Pilton, Senior Cybersecurity Consultant at CyberSmart.
“Most people will be part of a WhatsApp group where it is common for images to be shared and this is where this vulnerability becomes dangerous, because if a cyber criminal was able to share this image either in your group or with someone you trust who then goes on to share it in your group, anybody in that group could unknowingly execute the malicious code associated with the shared image.
“Cyber criminals will continue to exploit vulnerabilities within the software we use and the software providers will continue to provide updates or patches that protect us against the attacks that cyber criminals use. This is why vulnerability management AKA applying the updates that software providers issue, is so important!””
To update WhatsApp Desktop on Windows, simply follow these steps.
Open the Microsoft Store, go to Library , find WhatsApp Desktop , and then tap Get Updates or Save to device to download and install the latest version
At Reach and across our entities we and our partners use information collected through cookies and other identifiers from your device to improve experience on our site, analyse how it is used and to show personalised advertising. You can opt out of the sale or sharing of your data, at any time clicking the “Do Not Sell or Share my Data” button at the bottom of the webpage. Please note that your preferences are browser specific. Use of our website and any of our services represents your acceptance of the use of cookies and consent to the practices described in our Privacy Notice and Cookie Notice.
