A new vulnerability in WhatsApp that affected group chats and crashed the app completely forcing users to reinstall it, was recently discovered by cyber security research firm Check Point. WhatsApp has rolled out a fix for the issue in WhatsApp version 2.19.58. Users are advised to update to the latest WhatsApp version to resolve the problem.
The flaw essentially caused WhatsApp to crash for all members of the group after opening a malicious group message. Users would then require to uninstall and reinstall the app again and delete the group with malicious message in order to continue using WhatsApp.
Of course, a user who is a member of the group can send malicious message on the group. As per a Check Point blog post, the malicious message can cause a crash loop for members and deny users access to all WhatsApp functions until the app is removed and reinstalled on the user’s device as well as the group, which has that message is deleted.
The vulnerability was pointed out by the firm to WhatsApp on August 28, 2019, following which the messaging service released a fix and the issue was resolved in mid-September. To reiterate, all WhatsApp users are advised to update to version 2.19.58 of the app to avoid a potential attack.
“WhatsApp greatly values the work of the technology community to help us maintain strong security for our users globally. Thanks to the responsible submission from Check Point to our bug bounty program, we quickly resolved this issue for all WhatsApp apps in mid September. We have also recently added new controls to prevent people from being added to unwanted groups to avoid communication with untrusted parties all together.” – WhatsApp Software Engineer Ehren Kret said in a statement.
WhatsApp is among the largest messaging apps worldwide with over a billion users. The firm stated that over 65 billion messages are exchanged on WhatsApp per day. There have been no reports of exploitation of the vulnerability by hackers so far, but updating to the latest WhatsApp version is recommended for all users.
“The Check Point Research team found the vulnerability by inspecting the communications between WhatsApp and WhatsApp Web, the web version of the app which mirrors all messages sent and received from the user’s phone. This enabled researchers to see the parameters used for WhatsApp communications and manipulate them. This new research builds on the ‘FakesApp’ flaws discovered by Check Point Research, which allowed group chat messages to be edited to spread fake news,” the post read.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines