WhatsApp releases fixes for security bugs affecting Android and iOS devices

The security bugs that could be exploited during video calls or by sending maliciously crafted video files were fixed as part of WhatsApp’s September update 

September 29, 2022 03:21 pm | Updated 04:40 pm IST

A file photo of the WhatsApp logo

A file photo of the WhatsApp logo | Photo Credit: REUTERS

The Indian Computer Emergency Response Team (CERT-In) on Tuesday released notes for multiple security bugs in WhatsApp which could be exploited by remote attackers to execute arbitrary code on affected versions of the software.

(For insights on emerging themes at the intersection of technology, business and policy, subscribe to our tech newsletter Today’s Cache.)

Attackers could exploit these security bugs to execute remote code during an established video call, or send a maliciously crafted video file to targeted systems. 

Successful exploitation of these bugs could allow attackers to run malicious code on affected devices, thereby compromising their security. 

CERT-In in its vulnerability notes placed the security bugs in the high severity rating and shared that the bugs in WhatsApp were found to exist due to integer overflow. 

Integer overflow in a computer programme occurs when an arithmetic operation attempts to create a value which might be either higher or lower than the range that can be represented numerically within the bounds of the programme.

The security bugs were found to affect both business and normal versions of WhatsApp, on Android as well as iOS. 

WhatsApp regularly releases updates fixing security bugs and introducing new features.

Earlier this week, Meta CEO Mark Zuckerberg had announced that WhatsApp will be rolling out support for “call links” and increasing the number of participants in a group video call.

Top News Today

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.