Image via Adobe Stock
Image via Adobe Stock
The Indian Computer Emergency Response Team (CERT-In) warns Apple users of a glitch in the iPhone iOS. The vulnerability may expose WhatsApp users to cyberattacks.
“A new version of WhatsApp and WhatsApp Business for iOS was released to fix vulnerabilities that could allow the execution of malicious code, memory corruption and crashes”.CERT-In
CERT-In warned that the vulnerability “was found in the logging library in WhatsApp and WhatsApp Business for iOS, due to what is called a ‘use-after-free’ error”.
A cyber attacker could cause havoc by sending a “specially crafted animated sticker” to the target while placing a WhatsApp video call on hold. That would result in several events occurring together in sequence.
Moreover, CERT-In adds that the attack could result in “memory corruption, denial of service conditions or execution of remote code”.
CERT-In also warned of another vulnerability which could “could permit Siri to interact with WhatsApp even after the phone was locked”. According to IANS (India’s Largest Independent News Service):
“An attacker could exploit this vulnerability by using the Siri virtual assistant to communicate even after the phone is locked, said the note last week which carried a ‘high’ severity rating”.
Thus, the UAE’s Telecommunications Regulatory Authority (TRA) warned iPhone users to update their WhatsApp and WhatsApp Business apps in a bid to protect themselves against cybercriminals.
CERT-In suggests updating WhatsApp regularly and to ensure your device is running on the latest software version. App developers implement bug fixes whenever they detect vulnerabilities such as these.
That said, the responsibility rests with us as users to update our apps. A WhatsApp spokesperson previously explained to Forbes that the team is “constantly working to improve security” of their services:
“We make public reports on potential issues we have fixed consistently with industry best practices. In this instance, there is no reason to believe users are impacted.”
WhatsApp can updated directly from the Apple App Store. If your iOS software is outdated, it won’t do any harm to update that as well.
There are several other ways to secure your WhatsApp account, including end-to-end user encryption, and knowing how to identify a suspicious link. Read more here.
Lastly, trusted WhatsApp beta tester, WA Beta Info, confirms that WA developers are fine-tuning a new “biometric lock” for Android devices. This will further ensure your privacy and safety.
The Biometric Lock feature will, when enabled, require our fingerprint, face or “other unique identifiers” to open the Facebook-owned messaging app. The new feature will be replacing the current “Fingerprint Lock”.