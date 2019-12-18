App
you are here: HomeNewsTechnology
Last Updated : Dec 18, 2019 12:36 PM IST | Source: Moneycontrol.com

WhatsApp fixes bug that caused a crash loop after getting malicious group text; users advised to update app

Affected users in the group would’ve lost all their data as the only way out would have been reinstalling the app and then deleting the group altogether.

Moneycontrol News @moneycontrolcom

WhatsApp has reportedly fixed a bug that would have potentially allowed attackers to crash the messaging app with a malicious group message. The bug would have caused WhatsApp to crash which could have only be fixed after uninstalling and reinstalling the app.

Even after reinstalling the app, the bug wouldn’t have allowed the user to return to the group, therefore resulting in losing all the messages and other data shared in the targeted group.

The bug could’ve been exploited using WhatsApp Web and Google Chrome DevTools. These tools would then allow the attacker to manipulate some parameters that would cause WhatsApp to crash on loop.

Close

For the bug to work, the attacker was required to be a part of the targeted group for sending the malicious message.

related news

Affected users in the group would’ve lost all their data as the only way out would have been reinstalling the app and then deleting the group altogether. “The impact of this vulnerability is potentially tremendous, since WhatsApp is the main communication service for many people. Thus, the bug compromises the availability of the app which is crucial for our daily activities,” read the report.

WhatsApp users are advised to update their apps to the latest version to avoid getting affected by the flaw. Check Point Research reported about the bug to WhatsApp’s bounty program in August, which has now been fixed from version 2.19.58.

The Facebook-owned company recently fixed another such WhatsApp bug that triggered Remote Code Execution (RCE) and Denial-of-Service (DoS) attacks through an MP4 file. The vulnerability existed in the Android app version prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3. WhatsApp for Windows phones before and including 2.18.368 was also vulnerable to an attack.

tags #Business #Technology #WhatsApp

