Make sure WhatsApp is updated on your device to avoid a new exploit
If you have WhatsApp on any device whatsoever, make sure to update it. An exploit was discovered and fixed that allowed an attacker to load NSO Group's Pegasus spyware on to any device running on iOS or Android via a voice call even if the recipient didn't answer the call.
Here is the official description of the vulnerability via an advisory posted by Facebook:
"A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number."
This impacts the following versions of the world's most used messaging service:
• WhatsApp for Android prior to v2.19.134 • WhatsApp Business for Android prior to v2.19.44 • WhatsApp for iOS prior to v2.19.51 • WhatsApp Business for iOS prior to v2.19.51 • WhatsApp for Windows Phone prior to v2.18.348 • WhatsApp for Tizen prior to v2.18.15.
Though WhatsApp received a server-side fix on May 10th, it is still strongly recommended that you update to the latest version of the messaging service as soon as possible. The Pegasus spyware is incredibly dangerous, as it can record conversations, steal private messages and photos, turn on a phone's microphone and camera, and collect location data.
- Free • Proprietary
- Android Wear
WhatsApp is an iPhone and Android messaging app which allows you to exchange messages without having to pay for SMS.