Never miss a story

Get subscribed to our newsletter


×
WhatsApp on a smartphone device. Pixabay

A security bug has been found in Facebook-owned instant messenger WhatsApp that could let attackers to obtain access to a device and steal data by sending a malicious GIF file.

The danger stems from a double-free bug in WhatsApp, according to a researcher going by the nickname Awakened, The Next Web reported on Wednesday.


A double-free vulnerability is a memory corruption anomaly that could crash an application or open up an exploit vector that attackers can abuse to gain access to users’ device.

According to Awakened’s post on GitHub, the flaw resided in WhatsApp’s Gallery view implementation that is used to generate previews for photographs, videos and GIFs.


Silhouettes of mobile users are seen next to logos of social media apps Signal, Whatsapp and Telegram projected on a screen in this picture illustration. VOA

All it takes to perform the attack is to craft a malicious GIF, and wait for the user to open the WhatsApp gallery, the report added.

“The exploit works well until WhatsApp version 2.19.230. The vulnerability is officially patched in WhatsApp version 2.19.244,” wrote the researcher.

Also Read: Indiscriminate and Irrational Use of Resources and Exploitation of Environment

The bug also works for Android 8.1 and Android 9.0 OS but does not work for Android 8.0 and below.

In the older Android versions, double-free could still be triggered. However, because of the malloc calls by the system after the double-free, the app just crashes before reaching to the point that we could control the PC register, according to a report in Gizmodo. (IANS)


Popular

Photo by febri sym on Unsplash

Achieving soft, beautiful and happy skin is a dream for most of us or at least a long-pending item on our wish list.

Achieving soft, beautiful and happy skin is a dream for most of us or at least a long-pending item on our wish list. While there are lot of suggestions, a laundry list of do's and don'ts to follow, there are some basics that don't change. We have to understand that happy skin is a holistic process that requires one to work on building healthy habits combined with good skincare.

Here's a ready reckoner by ITC Fiama of tried and tested skincare habits that will serve as a reminder that skincare doesn't need to be complicated, it just needs to be consistent.


* Cleanse & Moisturise -- The first and the simplest step towards healthy skin is regular cleansing and moisturising, it is advisable to use a moisturizing body soap that ensures your skin gets the right nutrients and remains supple and nourished. A great product suited to this requirement is Fiama Gel Bathing Bar, which is enriched with nature's goodness. Fiama's bathing bars come in 5 variants and they help moisturize the skin making it appear soft, happy and bouncy.

Keep Reading Show less
Photo by Pixabay

It is true that street performances has been existing in India since ancient times. But, it was Philip Astley who brought the concept of circus in India in the 1880s. Interestingly, Astley is known as the father of modern circus.

Birth of the Great Indian Circus

Keep Reading Show less
Unsplash

API security testing is a process that checks API functions for security vulnerabilities.

By- Naman Rastogi

The first thing to understand about API security testing is that it is not a one-size-fits-all process. Testers must take into account the scope of the project, as well as the specific needs of developers and end-users. This article will provide you with some basic guidelines for an API security testing program. It will also outline some API security tests that you should consider including in your API testing process.

Keep reading... Show less