at 9:03 PM

WhatsApp has fixed a video call-based account hijack exploit

The developers of WhatsApp have just patched a serious security exploit that researchers at Google discovered back in August.

The Android and iOS releases of the messaging, voice, and video calling service have been updated to remove the exploit, which was referred to as a "memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation" by Natalie Silvanovich, a Google Project Zero security researcher. The bug enabled attackers to take over a user's installation of the application when answering a video call.

This bug only impacted the Android and iOS versions of WhatsApp and not the web version of it because of the difference in protocols utilized. For Android and iOS, WhatsApp uses the Real-time Transport Protocol (RTP); for the web version, the Web Real-Time Communication (https://alternativeto.net/software/webrtc/) protocol is used.

In a statement to ZDNet, WhatsApp said that it found no evidence of this exploit being used to attack users.

Further coverage: ZDNet Engadget

by Ian Dorfman

Did you find this interesting?

Yes

Comments

No comments so far, maybe you want to be first?

Related news

All our news about: Instant Messengers Group Chat Apps Encrypted Chat Apps WhatsApp

WhatsApp on AlternativeTo

815

Free • Proprietary
Instant Messenger

Mac
Windows
Online
Android
iPhone
Android Wear

WhatsApp is an iPhone and Android messaging app which allows you to exchange messages without having to pay for SMS.