Never miss a story

Get subscribed to our newsletter


×
WhatsApp on a smartphone device. Pixabay

A security bug has been found in Facebook-owned instant messenger WhatsApp that could let attackers to obtain access to a device and steal data by sending a malicious GIF file.

The danger stems from a double-free bug in WhatsApp, according to a researcher going by the nickname Awakened, The Next Web reported on Wednesday.


A double-free vulnerability is a memory corruption anomaly that could crash an application or open up an exploit vector that attackers can abuse to gain access to users’ device.

According to Awakened’s post on GitHub, the flaw resided in WhatsApp’s Gallery view implementation that is used to generate previews for photographs, videos and GIFs.


Silhouettes of mobile users are seen next to logos of social media apps Signal, Whatsapp and Telegram projected on a screen in this picture illustration. VOA

All it takes to perform the attack is to craft a malicious GIF, and wait for the user to open the WhatsApp gallery, the report added.

“The exploit works well until WhatsApp version 2.19.230. The vulnerability is officially patched in WhatsApp version 2.19.244,” wrote the researcher.

Also Read: Indiscriminate and Irrational Use of Resources and Exploitation of Environment

The bug also works for Android 8.1 and Android 9.0 OS but does not work for Android 8.0 and below.

In the older Android versions, double-free could still be triggered. However, because of the malloc calls by the system after the double-free, the app just crashes before reaching to the point that we could control the PC register, according to a report in Gizmodo. (IANS)


Popular

voa

The Indian ships will spend more than two months in the region, the navy said in a statement.

NEW DELHI - India Navy sending four ships for exercises and port visits with the Philippines, Vietnam, Singapore, Indonesia and Australia to strengthen cooperation in the Indo-Pacific region, its navy said Wednesday, as China's maritime power grows in the area.

The Indian ships will spend more than two months in the region, the navy said in a statement.

Keep Reading Show less

The UK government on Thursday announced that it will move India from the red to the amber list on Sunday, in the country's latest update to the 'Red-Amber-Green' traffic light ratings for arrivals into England amid the Covid-19 pandemic.

This means the visit visas for the UK from India are open, in addition to other long-term visas that have remained open. But travellers from India arriving in England can complete a 10-day quarantine at home or in the place they are staying (not mandatorily quarantine in a managed hotel).

Keep Reading Show less
ians

Pakistan has failed miserably to protect Hindus, their interests.

A Hindu temple in Pakistan's Punjab province was reportedly vandalized by hundreds of people after a nine-year-old Hindu boy, who allegedly urinated at a local seminary, received bail, a media report said on Thursday.

According to the Dawn news report, the incident took place on Wednesday in Bhong town, about 60 km from Rahim Yar Khan city.

Besides the vandalization, the mob also blocked the Sukkur-Multan Motorway (M-5), the report added.

Citing sources, Dawn news said that a case was registered against the minor on July 24 based on a complaint filed by a cleric, Hafiz Muhammad Ibrahim, of the Darul Uloom Arabia Taleemul Quran.

The sources said that "some Hindu elders did tender an apology to the seminary administration saying the accused was a minor and mentally challenged".

But, when a lower court granted him bail a few days ago, some people incited the public in the town on Wednesday and got all shops there closed in protest, the report quoted the sources as further saying.

A video clip showing people wielding clubs and rods storming the temple and smashing its glass doors, windows, lights, and damaging the ceiling fans went viral on social media.

Also Read: Hindu Woman Axed To Death In Pakistan

Keep reading... Show less