WhatApp has successfully fixed a bug for its mobile apps on Android and iOS platforms that could have provided the hackers, potential to crash the whole app during an online call. Back in August, a security researcher had discovered and reported the issue to WhatsApp. The company took the issue very serious sensing the gravity of potential and fixed of which details are available on the public domain. The researcher has explained the bug as a “memory corruption bug in WhatsApp’s non-WebRTC video conferencing implementation.” The flaw indicated that the it left WhatsApp users a potential target by hackers during video calls through the app.
Natalie Silvanovich is a researcher in the team of Google’s Project Zero security research and the vulnerability was first spotted by a Tamagotchi hacker for the first time in WhatsApp. In a bug report, Silvanovich says, “Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet.” The malformed packet that results in triggering the crash could be sent through a call request. She adds, “This issue can occur when a WhatsApp user accepts a call from a malicious peer.”
It is noteworthy to mention that it was only the WhatsApp app on Android and iOS that were affected due to the fact that they use Real-time Transport Protocol (RTP) for video calls. The WhatsApp for Web client was not at all affected since it utilizes WebRTC for video conferencing purpose. The researcher has also published related proof-of-concept code and instructions about how to reproduced such an attack.
Another Google researcher Tavis Ormandy too focused over the issue, who said in a tweet that “This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp,” indicating that crashing the app of the victim may not be the only worst thing that could be done.
It is noteworthy that the bug was fixed on September 28 for the WhatsApp Android client and for the iOS, it was done on October 3, Silvanovich said. And now as the WhatsApp bug has been patched, you need to update to the latest version available for Android and iOS.
There have been many such issues previously reported different apps of Android that posed threat for the user from the potential hackers. The best idea is to keep ourselves up to date with the technology news and keep our selves and our related data safe.
You May Also Read: Researchers Claim To Have Created ‘Most Detailed’ Map of Brain Hippocampus