WhatsApp’s September update addressed security flaws that may be abused during video calls or by transmitting maliciously designed video files.
WhatsApp: The Indian Computer Emergency Response Team (CERT-In) released notes on Tuesday for several security flaws in WhatsApp that might allow remote attackers to execute arbitrary code on certain versions of the platform.
Attackers could use these security flaws to execute remote code during a video conversation or send a maliciously engineered video file to targeted systems.
Successfully exploiting these vulnerabilities could allow attackers to run malicious code on targeted devices, jeopardizing their security.
In its vulnerability notes, CERT-In assigned a high severity rating to the security issues and stated that the bugs in WhatsApp were discovered to exist owing to integer overflow.
In a computer program, integer overflow happens when an arithmetic operation attempts to generate a value that is either higher or lower than the range that may be represented numerically inside the program’s constraints.
The security flaws were discovered to affect both the corporate and regular versions of WhatsApp on Android and iOS.
WhatsApp publishes updates regularly, addressing security flaws and bringing new features.
Earlier this week, Meta CEO Mark Zuckerberg stated that WhatsApp would add support for “call links” and increase the number of participants in a group video conference.