CERT-IN warns users about multiple vulnerabilities found in WhatsApp for iOS 

Share This Post

CERT-IN, the Indian cyber emergency response team, has warned users of multiple vulnerabilities in WhatsApp for iOS and WhatsApp Business. The website had marked the severity of the vulnerability as “high”. CERT-in reported two major vulnerabilities such as an improper access control vulnerability and a use-after-free vulnerability. In particular, flaws were found in previous versions of WhatsApp for iOS and WhatsApp business.

The vulnerabilities were revealed by WhatsApp in its security opponents as part of its security advisories. “Several vulnerabilities have been reported in WhatsApp and WhatsApp Business for iOS that could allow a remote attacker to bypass security restrictions or execute arbitrary code on the target system,” says CERT-IN in a blog.

CERT-In had two major vulnerabilities in improper access control vulnerabilities and a use-after-free vulnerability in the note. According to the CERT-In report, the vulnerability of improper access control exists in the screen lock feature in WhatsApp and WhatsApp due to improper input authorization. The report reveals that an attacker could exploit the flaw by using Siri to communicate even if the phone is locked. If the attacker successfully exploits the vulnerability, it could allow the attacker to circumvent security restrictions.

Now we come to the other vulnerability: the user-after-free vulnerability. The report states that this vulnerability exists in the logging library in WhatsApp for iOS due to an error called no-use error. An attacker could exploit this vulnerability by sending a specially crafted animated sticker to the target contact during a video call. The report also adds that if the attacker successfully exploits this vulnerability, it could lead to memory corruption, denial of service conditions, and remote code execution.

CERT-IN advised all users to update to the latest versions of WhatsApp from the App Store.

On another note, WhatsApp rolled out a plethora of features this month including Always Mute, Disappearing Messages, WhatsApp Pay, and Shopping Button. The shopping button was the latest feature to join the messaging app. Apa.rt from that, the WhatsApp payment feature came to India after two years. The Facebook-owned messaging gap has finally gotten approval from NPCI for UPI-based payments. The feature would allow users to send and receive money using the app. A user must have a bank account number registered to use the ‘]function.

CERT-IN, the Indian cyber emergency response team, has warned users of multiple vulnerabilities in WhatsApp for iOS and WhatsApp Business.

News Underline:

  • CERT-IN has warned users of multiple vulnerabilities in WhatsApp for iOS and WhatsApp Business.
  • The website had marked the severity of the vulnerability as “high”.
  • CERT-IN had advised all users to update to the latest versions of WhatsApp from the App Store.
spot_img

Related Posts

For iOS 16 and macOS Ventura, Safari will support AVIF

It took ten years for Safari to support WebP,...

iPhone 14 parts are now being shipped from Apple providers

Trying to Get Ahead of Possible Supply Chain Constraints....

Now that CarPlay is out, you can use it on your Tesla with just two Raspberry Pi’s

Tesla Android Project in action – driving around with...

Service packages could be where Apple TV + finds its purpose

“Apple TV+ will likely never be material financially for...

A Google Maps competitor announces a significant update to its own iPhone and android navigation app

Earlier this month, the company updated its mobile applications...