Make sure WhatsApp is updated on your device to avoid a new exploit

Written about 1 year ago by IanDorfman

If you have WhatsApp on any device whatsoever, make sure to update it. An exploit was discovered and fixed that allowed an attacker to load NSO Group's Pegasus spyware on to any device running on Small iOS iconiOS or Small Android iconAndroid via a voice call even if the recipient didn't answer the call.

Here is the official description of the vulnerability via an advisory posted by Facebook:

"A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number."

This impacts the following versions of the world's most used messaging service:

• WhatsApp for Android prior to v2.19.134
• WhatsApp Business for Android prior to v2.19.44
• WhatsApp for iOS prior to v2.19.51
• WhatsApp Business for iOS prior to v2.19.51
• WhatsApp for Windows Phone prior to v2.18.348
• WhatsApp for Tizen prior to v2.18.15.

Though Small WhatsApp iconWhatsApp received a server-side fix on May 10th, it is still strongly recommended that you update to the latest version of the messaging service as soon as possible. The Pegasus spyware is incredibly dangerous, as it can record conversations, steal private messages and photos, turn on a phone's microphone and camera, and collect location data.