[ad_1]
WhatsApp fixed the bug, but a Google security researcher warned that it was so serious that he could have compromised an account if a hacker had sent a malicious video call.
A security researcher discovered a bug in WhatsApp that could have been exploited to support the application via a video call.
This vulnerability affects how WhatsApp handles video calls through the real-time transport protocol or the RTP protocol. Google security researcher Natalie Silvanovich has discovered that you can manipulate RTP data packets to cause memory corruption in the mail client.
She unveiled details of the vulnerability on Tuesday, claiming that it concerned both the Android and iOS versions of the application. His article shows how you can use the bug to crash the client in seconds on someone's smartphone.
But the dangers do not stop there. On Twitter, Silvanovich m said it is possible that the video call bug is exploited to cause WhatsApp to perform other malicious functions. Tavis Ormandy, a security researcher at Google, warned that the bug was so bad that he could take control of a WhatsApp client.
This is a big deal. Just responding to an attacker's call could completely compromise WhatsApp. https://t.co/vjHuWt8JYa
– Tavis Ormandy (@taviso) October 9, 2018
Fortunately, the bug has been fixed. WhatsApp told PCMag: "We regularly work with security researchers around the world to ensure that WhatsApp remains secure and reliable. We quickly released a patch for the latest version of WhatsApp to fix this problem. "
The email application, which belongs to Facebook, indicates that there is nothing to indicate that a hacker has ever exploited the bug to attack a person by a voice call. But the company encourages all users of WhatsApp to update their version.
According to Silvanovich, the Android client was loaded with the patch on Sept. 28, while the iOS client was corrected in an October 3rd update. She reported the virus to Facebook at the end of August.
[ad_2]
Source link
