Express Computer
Home  »  News  »  CERT-In warns users of vulnerabilities in WhatsApp for iOS

CERT-In warns users of vulnerabilities in WhatsApp for iOS

0 80
Read Article

The Indian Computer Emergency Response Team (CERT-In) has warned users of multiple vulnerabilities in WhatsApp and WhatsApp Business for iOS which could allow a remote attacker to bypass security restrictions or execute arbitrary code on the target system.

One vulnerability was found in the Screen Lock feature in WhatsApp and WhatsApp Business for iOS due to improper authorisation of input, CERT-In said in a vulnerability note.

An attacker could exploit this vulnerability by using the Siri virtual assistant to communicate even after the phone is locked, said the note last week which carried a “high” severity rating.

Another vulnerability was found in the logging library in WhatsApp and WhatsApp Business for iOS due to what is called a “use-after-free” error.

A remote attacker could exploit this vulnerability by sending a specially crafted animated sticker to the target user while placing a WhatsApp video call on hold, resulting in several events occurring together in sequence, CERT-In said.

Successful exploitation of this vulnerability could lead to memory corruption, denial of service conditions or execution of remote code.

To protect themselves from these vulnerabilities, users should install the latest and updated version of WhatsApp and WhatsApp Business from AppStore, CERT-In said.

–IANS


If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]

Advertisement

Get real time updates directly on you device, subscribe now.

Subscribe to our newsletter
Sign up here to get the latest news, updates delivered directly to your inbox.
You can unsubscribe at any time

Leave A Reply

Your email address will not be published.

Know how to Improve Citizen Services in the "New Normal"
Register Now
close-image
Strengthen Your Business Continuity
Register Now
close-image