Indian security agency warns WhatsApp users against high severity security flaws

The Indian cybersecurity agency CERT-In has warned about new vulnerabilities found in the leading cross-platform messaging application WhatsApp could result in the breach of sensitive user data. The agency has thus released a high severity rating advisory and could be alarming for users still stuck with an old version of WhatsApp.

According to CERT-In, WhatsApp and WhatsApp Business for Android before v2.21.4.18 and WhatsApp and WhatsApp Business for iOS before v2.21.32 are susceptible to these flaws. The advisory issued by the agency detailing the criticality states that this vulnerability could “allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system.”

For those unaware, CERT-In is a national technology arm that tackles cyber attacks and acts as a watch guard for Indian cyberspace.

What is the impact of this WhatsApp Vulnerability? 

According to the report, this vulnerability exists due to certain features on WhatsApp and thus allows hackers to access personal data like chats, images, videos etc. by running malicious codes remotely. This vulnerability is linked “to a cache configuration issue and missing bounds check within the audio decoding pipeline.”

The report also suggests that since these flaws do not exist on the latest versions of WhatsApp, users using the latest version of the messaging application are not impacted at all.  However, users with WhatsApp and WhatsApp Business for Android older than v2.21.4.18 and WhatsApp and WhatsApp Business for iOS older than v2.21.32 may be at risk

How can I safeguard my chats? 

The simplest way to ensure the privacy of your data is by using the latest version of WhatsApp on your phone. Facebook led WhatsApp has stated that since these vulnerabilities existed in outdated versions of the application, there is a little chance of them being misused by hackers.

It has further stated that the said vulnerabilities have already been addressed by the bugs highlighted by the agency and has urged users to update the application on their devices to the latest one.

A prepared statement issued by WhatsApp read, "We regularly work with security researchers to improve the numerous ways WhatsApp protects people's messages. As is typical of software products, we have addressed two bugs that existed on outdated software, and we have no reason to believe that they were ever abused."

This is, however, one of many vulnerabilities that were found in WhatsApp recently. Very recently, researchers found a flaw in WhatsApp that allowed stalkers to track unassuming users’ “online status” to monitor their activities. This flaw could be used to correctly predict if a user is busy chatting with someone else at any given time.

Get up close with consumer tech news that you can use, latest reviews and buying guides. Follow TechRadar India on TwitterFacebook and Instagram!



from TechRadar - All the latest technology news https://ift.tt/3eeQhSx
Indian security agency warns WhatsApp users against high severity security flaws Indian security agency warns WhatsApp users against high severity security flaws Reviewed by Ghaniiero on avril 19, 2021 Rating: 5

Aucun commentaire:

Fourni par Blogger.