Go Ad-Free
    My Alerts
    Moneycontrol
    Moneycontrol PRO
    Black Friday Sale
    Black Friday Sale
    HomeTechnologyIndian Government issues security warning for WhatsApp users: Check if you are affected

    Indian Government issues security warning for WhatsApp users: Check if you are affected

    A new CERT-In alert warns WhatsApp Desktop for Windows users of a high-risk flaw that could let attackers run code or spoof systems.

    MC Tech Desk
    April 13, 2025 / 20:09 IST
    WhatsApp

    The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity security alert for WhatsApp Desktop users on Windows. The agency has warned that a vulnerability could let attackers execute arbitrary code or launch spoofing attacks, potentially compromising system security.

    Devices affected

    The vulnerability affects users running WhatsApp Desktop for Windows versions earlier than 2.2450.6. According to CERT-In, the issue arises from a misconfiguration between the MIME type and file extension, which causes improper handling of attachments. If a user opens a malicious file sent through WhatsApp, the flaw could allow attackers to run arbitrary code or spoof the system.

    CERT-In has classified the issue as “high” in severity due to its potential to give attackers unauthorised access to data or full control of the affected machine. This flaw, listed as CVE-2025-30401, impacts desktop users who rely on WhatsApp for messaging, calls, and media sharing.

    What government has said

    The advisory warns that the vulnerability could result in data theft, spoofing, or full system compromise. The government agency has said that attackers could exploit this flaw remotely by sending specially crafted attachments that, when opened manually within WhatsApp, trigger the vulnerability.

    CERT-In’s alert highlights the broader risks of software misconfigurations and urges users to take the warning seriously, especially given the widespread usage of WhatsApp across personal and professional communication.

    What you should do right now

    Users are advised to immediately check their WhatsApp Desktop version and update to the latest available build to patch the vulnerability. WhatsApp has issued a fix and published a security advisory on its official page at https://www.whatsapp.com/security/advisories/2025.

    In addition to updating, users should avoid opening unsolicited attachments, even from known contacts, and regularly monitor for new software updates. Maintaining good cybersecurity hygiene can help reduce the risk of such exploits in the future.

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    MC Tech Desk Read the latest and trending tech news—stay updated on AI, gadgets, cybersecurity, software updates, smartphones, blockchain, space tech, and the future of innovation.
    first published: Apr 13, 2025 08:08 pm

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347