Signal debunks rumors of zero-day vulnerability in 'Generate Link Previews' feature

Secure messenger Signal has conducted an investigation into online rumors about a zero-day security vulnerability tied to its 'Generate Link Previews' feature. The company has found no evidence to suggest that the alleged vulnerability is real. The rumors, which circulated on social media over the weekend, claimed that this new zero-day vulnerability could potentially allow for a complete takeover of devices.

In response to these allegations, Signal stated on social media, “We have seen the vague viral reports alleging a Signal 0-day vulnerability. After responsible investigation, we have no evidence that suggests this vulnerability is real, nor has any additional info been shared via our official reporting channels.”

The company also mentioned that it had checked with individuals within the US Government, as the report alleging the vulnerability cited the USG as a source. Signal stated, “Those we spoke to have no info suggesting this is a valid claim. We take reports to security@signal.org very seriously, and invite those with real info to share it there.”

As a precautionary measure, users have been advised to disable the link previews feature in the app. This can be done by navigating to Signal Settings Chats Generate link previews.