Menu
ಕನ್ನಡ ePaper
State National Ayodhya Special Sandhyavani Videos Stories Photos Exclusive IPL 2021 World Cup 2023 Sports International Business Election-2023 Entertainment Top 10 News Automobile Health and Lifestyle Cartoon Category Picks From Web Top 20 News ePaper Contact Us Premium Content Lok Sabha 2024 Paris Olympics
Advertisement

Hacking threat via MP4 file, upgrade WhatsApp to latest version: Central agency

05:15 PM Nov 20, 2019 | Team Udayavani |

New Delhi: An Indian cybersecurity agency has warned WhatsApp users against a “vulnerability” that can attack this popular social media messaging app and compromise an individual system without seeking permissions.

Advertisement

The Computer Emergency Response Team-India (CERT-In) has issued an advisory in this context calling the severity of the threat, being spread by an MP4 file, as “high.” The advisory comes in the backdrop of recent developments where WhatsApp had informed the Indian government in September that over hundred Indian users were targeted by the Israeli spyware Pegasus. “A vulnerability has been reported in WhatsApp which could be exploited by a remote attacker to execute arbitrary code on the target system,” the latest advisory said.

The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian internet domain.

The agency’s advisory suggested “upgrading” to the latest version of WhatsApp to combat or tide over the problem.

Related Articles

Top 10 News

Kerala IAS officer alleges hacking of his WhatsApp number
Top 10 News

We disagree with decision, plan to appeal: Meta on CCI imposing Rs 213-cr penalty
Top 20 News

Fraudsters create fake FB profile misusing Udupi DC’s identity, case filed
Top 10 News

Kolkata Police starts probe into ‘hacking’ of live-streaming of Cal HC hearing
Top 10 News

Kerala govt to examine formation of controversial WhatsApp group for IAS officers
Top 20 News

Delhi: Commercial vehicle owners may soon receive challans on WhatsApp
Top 10 News

UPPSC protest: FIR registered against 4 Telegram channels for spreading misleading information
Top 20 News

SC notice to Gujarat govt on Asaram's plea seeking suspension of sentence in 2013 rape case
Top 10 News

BJP stages protest against Karnataka govt over Waqf properties row
Top 20 News

Kerala HC denies bail to police officer accused of ‘raping’ minor Dalit girl

Describing the malicious action of the vulnerability in the popular social messaging app (application), it said, “A stack-based buffer overflow vulnerability exists in WhatsApp due to improper parsing of elementary stream metadata of an MP4 file. A remote attacker could exploit this vulnerability by sending a specially crafted MP4 file to the target system.” It added that this could trigger a buffer overflow condition leading to execution of arbitrary code by the attacker. “The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious crafted mp4 file on victim’s system,” it said.

Advertisement

Successful exploitation of this vulnerability, it said, could allow the remote attacker to cause remote code execution (RCE) or denial of service (DoS) condition, which could lead to further compromise of the system.

It stated half-a-dozen WhatsApp software have been “affected” by the current vulnerability.

They have been identified as WhatsApp for Android prior to 2.19.274, WhatsApp for iOS prior to 2.19.100, WhatsApp Enterprise Client prior to 2.25.3, WhatsApp for Windows Phone prior to 2.18.368, WhatsApp Business for Android prior to 2.19.104 and WhatsApp Business for iOS prior to 2.19.100.

Subscribe
Advertisement

Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.

Next