Technology
Logo
 

Indian tech agency warns of vulnerabilities in WhatsApp for iOS

IANS/New Delhi
Filed on November 9, 2020

(alamy.com/ae)

Users should install the latest and updated version of WhatsApp and WhatsApp Business.

The Indian Computer Emergency Response Team (CERT-In) has warned users of multiple vulnerabilities in WhatsApp and WhatsApp Business for iOS, which could allow a remote attacker to bypass security restrictions or execute arbitrary code on the target system.

One vulnerability was found in the Screen Lock feature in WhatsApp and WhatsApp Business for iOS due to improper authorisation of input, CERT-In said in a vulnerability note.

An attacker could exploit this vulnerability by using the Siri virtual assistant to communicate even after the phone is locked, said the note last week, which carried a "high" severity rating.

Another vulnerability was found in the logging library in WhatsApp and WhatsApp Business for iOS due to what is called a "use-after-free" error.

A remote attacker could exploit this vulnerability by sending a specially crafted animated sticker to the target user while placing a WhatsApp video call on hold, resulting in several events occurring together in sequence, CERT-In said.

Successful exploitation of this vulnerability could lead to memory corruption, denial of service conditions or execution of remote code.

To protect themselves from these vulnerabilities, users should install the latest and updated version of WhatsApp and WhatsApp Business from AppStore, CERT-In said.





ERROR: Macro /ads/dfp-ad-article-new is missing!
MORE FROM Technology
MORE FROM Khaleej Times
CurrentRequestUnmodified: /business/technology/french-boy-gets-3d-printed-hand macro_action: article, macro_profile: , macro_adspot:
 
 
 
 
 
KT App Download
khaleejtimes app

All new KT app
is available
for download:

khaleejtimes - android khaleejtimes - ios khaleejtimes - HUAWEI AppGallery
-->