WhatsApp, Meta’s prompt messaging and calling service, has revealed particulars of a ‘important’ vulnerability that has been patched in a more moderen model of the app however would possibly nonetheless have an effect on older put in variations that haven’t been up to date.
The particulars concerning the vulnerability have been revealed in a September replace of WhatsApp’s web page on safety advisories affecting the app and got here to mild on September 23.
WhatsApp, within the replace, shared an in depth challenge associated to vulnerability CVE-2022-36934, in accordance with which “an integer overflow in WhatsApp for Android prior to v2.22.16.12, Business for Android prior to v2.22.16.12, iOS prior to v2.22.16.12, Business for iOS prior to v2.22.16.12 could result in remote code execution in an established video call.”
According to the main points, the bug would let an attacker exploit integer overflow, after which they will get entry to execute their very own code on a sufferer’s smartphone by means of a specifically crafted video name.
This vulnerability has been given a severity rating of 9.8 out of 10 on the CVE scale.
In the identical safety advisory replace, WhatsApp additionally defined one other vulnerability, CVE-2022-27492. According to the social media firm, “an integer underflow in WhatsApp for Android prior to v2.22.16.2, WhatsApp for iOS v2.22.15.9 could have caused remote code execution when receiving a crafted video file.”
This stated, the bug would let attackers execute the code on the sufferer’s smartphone utilizing a malicious video file. The vulnerability was scored 7.8 out of 10.
In an India-related improvement for the social media platform, the pinnacle of WhatsApp’s India fee enterprise, Manesh Mahatme, has give up after greater than a yr with the Meta Platforms-owned firm to hitch Amazon India, a supply informed Reuters on Thursday.
Mahatme’s exit comes at a important time for WhatsApp, which is searching for to ramp up its funds service in a extremely aggressive market and lock horns with extra established gamers resembling Alphabet’s Google Pay, Ant Group-backed Paytm and Walmart’s PhonePe.
During his stint at WhatsApp Pay, the corporate received regulatory approval to greater than double its funds providing to 100 million customers in India, its largest market with greater than half a billion customers total.
#WhatsAppReveals #Critical #Vulnerabilities #Older #App #Versions
/cdn.vox-cdn.com/uploads/chorus_asset/file/25662572/hue_app1.jpg "Philips’ Hue app now makes use of AR to preview how a wise lamp will gentle up a room")
/cdn.vox-cdn.com/uploads/chorus_asset/file/24844606/Installer_Site_Post_002.jpg "A greater option to YouTube")
/cdn.vox-cdn.com/uploads/chorus_asset/file/25124846/Telegram_transcription_update_hero.jpg "Telegram opens up voice transcription to all customers in newest replace")
