whatsapp fixes ‘critical’ security bug that put android phone data at risk

WhatsApp has published details of a “critical”-rated security vulnerability affecting its Android app that could allow attackers to remotely plant malware on a victim’s smartphone during a video call.

Details of the flaw, tracked as CVE-2022-36934 with an assigned severity rating of 9.8 out of 10, is described by WhatsApp as an integer overflow bug. This happens when an app tries to perform a computational process but has no space in its allotted memory, causing the data to spill out and overwrite other parts of the system’s memory with potentially malicious code.

WhatsApp didn’t share any further details about the bug. But security research firm Malwarebytes said in its own technical analysis that the bug is found in a WhatsApp app component called “Video Call Handler,” which if triggered would allow an attacker to take complete control of a victim’s app.

When reached for comment, WhatsApp did not immediately say if it has evidence of active exploitation or if the vulnerabilities were discovered in-house.

The critical-rated memory vulnerability is similar to a 2019 bug, which WhatsApp ultimately blamed on Israeli spyware maker NSO Group in 2019 for using to target 1,400 victims’ phones, including journalists, human rights defenders, and other civilians. The attack leveraged a bug in WhatsApp’s audio calling feature that allowed the caller to plant spyware on a victim’s device, regardless of whether the call was answered.

WhatsApp also disclosed this week details of another vulnerability, CVE-2022-27492, rated “high” in severity at 7.8 out of 10, which could allow hackers to run malicious code on a victim’s iOS device after sending a malicious video file.

“The manipulation with an unknown input leads to a memory corruption vulnerability,” said Pieter Arntz, an intelligence researcher at Malwarebytes. “To exploit this vulnerability, attackers would have to drop a crafted video file on the user’s WhatsApp messenger and convince the user to play it.”

Both flaws are patched in the latest versions of WhatsApp. Update today.

TECH NEWS RELATED

iQOO 11 and 11 Pro: The new kings of AnTuTu have been announced

iQOO revealed its new flagship line in China and Indonesia after numerous speculations and leaks. It includes the mobile devices iQOO 11 and 11 Pro. So, the Pro version adds 200W charging, along with the Snapdragon 8 Gen 2 chip from Qualcomm, a 144 Hz refresh rate screen, and the ...

View more: iQOO 11 and 11 Pro: The new kings of AnTuTu have been announced

Top 6 Ways to Fix Picture-In-Picture Mode Not Working on Android

Picture-in-Picture (PiP) is a useful feature on Android that allows you to watch any video in a small floating player. You can watch your favorite YouTube video while scrolling through your Instagram feed. Although the feature has been around for a while, it does not always function as expected. If ...

View more: Top 6 Ways to Fix Picture-In-Picture Mode Not Working on Android

The Best Android Games of 2023

Mobile Mastery Games have become more important than ever this past year, whether on consoles or on mobile devices. Everyone needs some form of escape from a world that’s often harsh, and games are a fun way to do that. While 2022 was a great year for gaming, 2023 ...

View more: The Best Android Games of 2023

Using Your Android to Make Money

Starting a side hustle or finding gigs is now easier because of the internet. There are so many opportunities that you can take with just having your phone, from completing tasks to selling things or playing games. Keep reading to learn more ways to use your Android to make ...

View more: Using Your Android to Make Money

How to Turn Off Low Data Mode on iPhone and Android

If you’re not having a good experience with your data, chances are your phone is on Low Data Mode. Normally, this option helps to restrict excess data usage from the background, saving you some data costs.  But if you want to surf the web properly without restrictions and lags, ...

View more: How to Turn Off Low Data Mode on iPhone and Android

The Lensa AI Artwork App Will Finally Make You Look Cool

People love entering bizarre text prompts for AI image generators and seeing the results. However, it’s not as easy to make it personal. Lensa is an AI-infused app that can generate selfies of yourself, and they look way too cool. What is Lensa? Lensa is an app created by ...

View more: The Lensa AI Artwork App Will Finally Make You Look Cool

Samsung Galaxy S23 Ultra could blow away iPhone 14 Pro Max — here's why

Samsung's new flagship can actually take down Apple

View more: Samsung Galaxy S23 Ultra could blow away iPhone 14 Pro Max — here's why

Ubisoft is running The Division Resurgence live tests in Europe

They have started and are available for selected Android devices.

View more: Ubisoft is running The Division Resurgence live tests in Europe

This rugged mouse will conquer your multicomputer setup [Review]

10 Best Softswiss Casino Sites with Bitcoin Bonuses 2023

Dyson Zone air-purifying, noise-cancelling headphones to launch in 2023 for $949

Hackers have developed a clever new way to add malware to Android apps

Emancipation release date and time: How to watch Will Smith's new movie online

Is the 2023 Jeep Grand Cherokee L a Good Kia Telluride Alternative?

Wholesome Snack: The Game Awards 2022 Edition - Everything Announced

Pokemon Go Introduces New XXS And XXL Pokemon Variants

Is the 2023 GMC Canyon Worth the Massive Price Hike?

Hello Neighbor 2 Part 5: Escape the museum from the Final Boss

Reddit Recap: how to see your Reddit 2022 year in review

Twitter Blue will reportedly cost more on iOS when it returns

OTHER TECH NEWS

Top Car News Car News