Monday, July 6, 2020
Home Lead Story No User Data Affected From New MP4 File Bug, Claims WhatsApp

No User Data Affected From New MP4 File Bug, Claims WhatsApp

The RCE vulnerability may allow hackers to perform the attack remotely without any sort of authentication

WhatsApp on Monday said no user data was affected owing to a new bug where a specially-crafted malicious MP4 file may have used the vulnerability to trigger the remote code execution (RCE) and denial of service (DoS) cyber attack when downloaded by a user on both Android and iOS devices.

Reports on Sunday claimed that hackers can use the WhatsApp vulnerability to deploy the malware on the user’s device to steal sensitive files and snoop on them — the way an Israeli software Pegasus developed by cyber intelligence company NSO Group did by exploiting the video calling system in the Facebook-owned to snoop on 1,400 selected users globally and in India, including human rights activists and journalists.

“WhatsApp is constantly working to improve the security of our service. We make public, reports on potential issues we have fixed consistent with industry-best practices. In this instance, there is no reason to believe users were impacted,” a company spokesperson said in a statement shared with IANS.

The micro-blogging platform has already issued a security update on this bug.

Facebook had earlier issued an advisory, saying “a stack-based buffer overflow could be triggered in WhatsApp by sending a specially-crafted MP4 file to a WhatsApp user.”

“The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”

Whatsapp
Security experts have warned that blaming Whatsapp for the spyware would not be right. Pixabay

The vulnerability is classified as “critical” severity that affected an unknown code block of the component MP4 File Handler in WhatsApp.

The Pegasus-NSO Group issue snowballed into a political one, with the Indian government directing WhatsApp to submit a reply over the matter.

The government also denied either purchasing or planning to purchase the infamous software in question.

Also Read: Social Media Giant Facebook Still a Fertile Ground for Promoting Anti-vaccine Posts

The new vulnerability is found in Android versions prior to 2.19.274; iOS versions prior to 2.19.100; Enterprise Client versions prior to 2.25.3; Business for Android versions prior to 2.19.104; Business for iOS versions prior to 2.19.100; and Windows Phone versions before and including 2.18.368.

The RCE vulnerability may allow hackers to perform the attack remotely without any sort of authentication. (IANS)

STAY CONNECTED

18,994FansLike
362FollowersFollow
1,780FollowersFollow

Most Popular

Infant Sleep issues Linked To Mental Health Problems in Adults

Researchers have found that sleeping problems in early childhood may be linked to the development of certain mental health disorders in adolescence. The study, published...

10,000 Bed Sardar Patel Covid-19 Centre To set up at Delhi

The 10,000-bed Sardar Patel Covid-19 Care Centre and Hospital, inaugurated here on Sunday by Delhi Lieutenant-Governor Anil Baijal, which will serve as a major...

UP Government to Set World Record in Tree Plantation Drive

The Yogi Adityanath government is all set to set a new world record by planting 25 crore trees on Sunday in a massive plantation...

Queer Representation in Bollywood

Soon, Akshay Kumar will be seen essaying the role of a transgender in "Laxmmi Bomb". Sonam Kapoor has explored the complexities of being a...

WHO Stops Hydroxychloroquine, HIV drugs in Covid-19 trials

The World Health Organization (WHO) said on Saturday that it was discontinuing its trials of the malaria drug hydroxychloroquine and combination HIV drug lopinavir/ritonavir...

Coronavirus Cases Sets Record Daily Jump : WHO

The world saw a record 24-hour increase in the number of coronavirus cases Saturday — 212,326, the World Health Organization (WHO) reported. The United States,...

India Confident of Covid Vaccine, Trial Stage Marks ‘Beginning of the End’

As India races to bring a vaccine for Covid-19 by mid August, the government on Sunday said that it is entering the human trial...

Malaika Arora Shares Home Remedy to Boost Immunity

Dancing diva Malaika Arora has shared a "make in India" home remedy to boost immunity. Some people have started stepping out for work, but relaxed...

Recent Comments