Signal denies rumors of zero-day bug used to take over devices

Signal messenger said it found no evidence of a rumored zero-day security vulnerability that reportedly allowed for a full takeover of devices

October 17, 2023 02:41 pm | Updated 02:41 pm IST

Signal the instant messaging platform took to X to deny rumors spreading online of a zero-day security vulnerability. 

Signal the instant messaging platform took to X to deny rumors spreading online of a zero-day security vulnerability.  | Photo Credit: Special Arrangement

Signal the instant messaging platform took to X to deny rumors spreading online of a zero-day security vulnerability related to the “Generate Link Previews” feature, stating there is no evidence the vulnerability was real.

The statement from Signal comes after reports of a zero-day vulnerability that allowed for a full takeover of devices was reported on X, formerly Twitter.

Signal in a tweet further clarified that it had checked with people across the U.S. government since reports of the vulnerability claimed USG as a source.

News of the rumored vulnerability spread online and among the cybersecurity community earlier this week. The unnamed USG sources said that vulnerability could be mitigated by disabling the “Generate Link Previews” setting in Signal.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

Signal zero-day bugs are in high demand with vulnerability brokers offering to pay high sums for flaws that can lead to remote code execution on devices.

Signal is known for its end-to-end encryption and independent structure as a non-profit organisation run by a foundation, not a big tech company. The instant messaging platform that was earlier the choice of communication for activists, people in the hacker community, and others concerned about privacy became mainstream in 2021, following privacy update notifications from Facebook-owned WhatsApp.

Top News Today

Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.