The Instant messaging platform has confirmed the new threat caused by Specially-Crafted MP4 File. This allows the users to target the victim and take control of their phone by sending an infected video file, in MP4 format.
The world’s most popular messaging app is not having a gala time. The app yet again got attacked few days after the Pegasus spyware attack. Notably, the attack puts the Android users and iOS users at risk a remote attacker could trigger the attack by sending a specially crafted MP4 file to the target system.
WhatsApp users who are getting affected
- The Android versions prior to 2.19.274.
- WhatsApp for iOS versions prior to 2.19.100.
- The Enterprise Client versions prior to 2.25.3.
- The Windows Phone versions before and including 2.18.368.
- The WhatsApp For Business for Android versions prior to 2.19.104.
- WhatsApp For Business for iOS versions prior to 2.19.100
A malware attack can cause serious damage to your phone, with the risk of the attack planted and causing access to your data, a remote takeover of your phone or simply eavesdrop on conversations.
The severity level of the vulnerability is ‘high’. There is also no word on how this vulnerability was discovered.
How you guard the attack and stay safe!
- The one way to avoid this threat for now is to update to the latest version of WhatsApp.
- Users are advised to switch off auto-download option for media files to ensure that no malicious files are installed on the device.
“The RCE vulnerability allows hackers to perform the attack remotely without any sort of authentication,” claimed the report. The critical WhatsApp vulnerability can be tracked as CVE-2019-11931.
And, as always, it’s good practice to not open any suspicious e-mails or images/videos from unknown senders which may contain links to malware-filled websites.