WhatsApp, Meta’s prompt messaging and calling service, has revealed particulars of a ‘crucial’ vulnerability that has been patched in a more recent model of the app however may nonetheless have an effect on older put in variations that haven’t been up to date.
The particulars concerning the vulnerability had been revealed in a September replace of WhatsApp’s web page on safety advisories affecting the app and got here to mild on September 23.
WhatsApp, within the replace, shared an in depth concern associated to vulnerability CVE-2022-36934, in response to which “an integer overflow in WhatsApp for Android prior to v2.22.16.12, Business for Android prior to v2.22.16.12, iOS prior to v2.22.16.12, Business for iOS prior to v2.22.16.12 could result in remote code execution in an established video call.”
According to the main points, the bug would let an attacker exploit integer overflow, after which they’ll get entry to execute their very own code on a sufferer’s smartphone by a specifically crafted video name.
This vulnerability has been given a severity rating of 9.8 out of 10 on the CVE scale.
In the identical safety advisory replace, WhatsApp additionally defined one other vulnerability, CVE-2022-27492. According to the social media firm, “an integer underflow in WhatsApp for Android prior to v2.22.16.2, WhatsApp for iOS v2.22.15.9 could have caused remote code execution when receiving a crafted video file.”
This stated, the bug would let attackers execute the code on the sufferer’s smartphone utilizing a malicious video file. The vulnerability was scored 7.8 out of 10.
In an India-related improvement for the social media platform, the top of WhatsApp’s India fee enterprise, Manesh Mahatme, has stop after greater than a 12 months with the Meta Platforms-owned firm to hitch Amazon India, a supply informed Reuters on Thursday.
Mahatme’s exit comes at a crucial time for WhatsApp, which is in search of to ramp up its funds service in a extremely aggressive market and lock horns with extra established gamers reminiscent of Alphabet’s Google Pay, Ant Group-backed Paytm and Walmart’s PhonePe.
During his stint at WhatsApp Pay, the corporate received regulatory approval to greater than double its funds providing to 100 million customers in India, its greatest market with greater than half a billion customers general.
#WhatsAppReveals #Critical #Vulnerabilities #Older #App #Versions
/cdn.vox-cdn.com/uploads/chorus_asset/file/25662572/hue_app1.jpg "Philips’ Hue app now makes use of AR to preview how a wise lamp will gentle up a room")
/cdn.vox-cdn.com/uploads/chorus_asset/file/24844606/Installer_Site_Post_002.jpg "A greater option to YouTube")
/cdn.vox-cdn.com/uploads/chorus_asset/file/25124846/Telegram_transcription_update_hero.jpg "Telegram opens up voice transcription to all customers in newest replace")
