- Meta found a vulnerability in WhatsApp for Windows
- It affects all older versions and allows attackers to trick people into running .exe files
- The flaw lets criminals display .exe files as harmless photos in the chat
Meta has fixed a medium-severity vulnerability in its WhatsApp for Windows client that allowed threat actors to pass off executable files as images.
In a short advisory published on Facebook, the company said it had addressed a spoofing issue in WhatsApp for Windows affecting versions prior to 2.2450.6.
The bug “displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension,” Meta explained.
No abuse in the wild
“A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp.”
According to Cyberinsider, this mismatch is a “classic method” for exploitation based on social engineering, because it allows threat actors to send files that seem harmless but are in fact malicious. “If a victim double-clicks on the attachment in WhatsApp, the underlying executable could run, compromising the user’s system,” wrote the publication.
All older versions of the software were vulnerable, Meta added, recommending that users apply the fix immediately.
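The mismatch Meta describes can be caught by deciding on the extension the operating system will act on and comparing it with the declared MIME type. The Python check below is an added example, not WhatsApp's or Meta's code; the function names and the small extension tables are assumptions constructed for illustration.

```python
import os

# Constructed tables for illustration; a real deployment would use fuller lists.
EXT_TO_MIME = {
    ".jpg": "image/jpeg", ".jpeg": "image/jpeg", ".png": "image/png",
    ".gif": "image/gif", ".pdf": "application/pdf", ".txt": "text/plain",
}
# Extensions whose default open action on Windows runs code (partial list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi", ".vbs", ".js"}


def effective_extension(filename):
    """Return the extension Windows will act on when the file is opened."""
    name = os.path.basename(filename.replace("\\", "/"))
    # Win32 path handling drops trailing dots and spaces,
    # so "a.exe. " is opened as "a.exe".
    name = name.rstrip(". ")
    return os.path.splitext(name)[1].lower()


def check_attachment(filename, declared_mime):
    """Return (verdict, reason) for one attachment (hypothetical helper)."""
    ext = effective_extension(filename)
    mime = declared_mime.split(";")[0].strip().lower()
    if ext in EXECUTABLE_EXTS:
        # The preview may say "image", but the open action follows the extension.
        return ("block", f"{ext} runs code; declared type {mime} is irrelevant")
    expected = EXT_TO_MIME.get(ext)
    if expected is None:
        return ("warn", f"no known type for extension {ext or '(none)'}")
    if expected != mime:
        return ("block", f"declared {mime} but {ext} opens as {expected}")
    return ("allow", f"{ext} matches {mime}")


if __name__ == "__main__":
    # Constructed sample attachments: (file name, MIME type declared by sender).
    samples = [
        ("holiday.jpg", "image/jpeg"),
        ("holiday.jpg.exe", "image/jpeg"),
        ("holiday.exe. ", "image/png"),
        ("report.pdf", "image/png"),
    ]
    for name, mime in samples:
        print(f"{name!r:20} {mime:12} -> {check_attachment(name, mime)}")
```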
At the same time, the Cyberness team says that there is currently no evidence that the vulnerability is being exploited in the wild. However, as usual with these things, as soon as news of a vulnerability breaks, cybercriminals start looking for vulnerable systems.
Most cyber attacks today start with social engineering. A phishing message, paired with a malicious attachment, can be sent either by e-mail or via an instant messaging platform such as WhatsApp. This can push the victim into a reckless decision, opening the attachment without thinking about it first.
E-mail addresses are leaked much more often than telephone numbers, making attacks that originate on WhatsApp a little less likely. However, many organizations also collect this information, then store it in databases that are unsecured and not protected by passwords, which are often harvested by malicious actors and sold on the dark web.
Adam Pilton, senior cybersecurity consultant at Cybersmart, said it was a dangerous vulnerability because many people are part of different WhatsApp groups where images are shared all the time. This presents an excellent opportunity for criminals and a major risk for users:
“It is really important to emphasize that this WhatsApp vulnerability has an impact on Windows desktop users. Most people will be part of a WhatsApp group where it is common for images to be shared, and this is where this vulnerability becomes dangerous, because if a cyber-criminal has been able to share this image in your group or with a person who trusts you in the part of the shared image.
“It is good to see, however, that the solution is at hand and simple to perform, and it is to apply an update to WhatsApp.”
Via Cyberness




