Carefree setting status for WhatsApp

Serious security vulnerability in WhatsApp: All users can be attacked in this way. But there is a workaround.

Our article from October 5, 2019:

Munich - There is a huge security gap in the popular WhatsApp messenger: As a hacker found out, all Android users are affected. And the hole is very dangerous: it allows criminals to access the smartphone - or place malware on the device.

Specifically, it concerns a loophole with the technical name CVE-2019-11932, which the user Awakened discovered. A few days ago he immediately informed Facebook, WhatsApp's parent company. And not without reason: As the technical logs show, this gap affects millions of WhatsApp users.

WhatsApp: Vulnerability can already be actively exploited

In contrast to comparable security problems in the past, the user does not even have to click on a link or install a supposedly helpful extension. In this specific case, the problem rolls directly towards the user without the user being able to do anything. It is enough for a contact to send you an infected GIF file (a graphic format that also enables animations).

Video: WhatsApp vulnerability

When the WhatsApp user then opens WhatsApp's attachment function for attachments, the GIF file is automatically activated - which could then contain malware. Everything is then possible that is possible with remote access: reading out content, installing additional software or controlling the Android smartphone remotely.

One measure helps to protect yourself from a WhatsApp vulnerability

After all, there has recently been a rescue: WhatsApp has released an update 2.19.244 for Android, which every user should install immediately. This means that pests can no longer be smuggled in via GIF files. All WhatsApp users with an Android mobile phone are potentially affected - they should check the Google Playstore to see whether a new version of WhatsApp is available. Only Apple devices are generally not affected. The necessary update also prevents strangers from gaining access to your private chats with the help of a simple GIF.

The limitation with the current WhatsApp vulnerability is that the attacker has to be saved in the contacts according to the current state of knowledge. Then, however, there are no more limits to abuse and the smuggling of pests. The user Awakened from Singapore, who calls himself a ‚Äútechnologist and security enthusiast‚ÄĚ, has already demonstrated on the Github platform how the gap in the wild can be exploited.

rpp

Security gaps in WhatsApp are repeatedly made public. All software is affected by so-called bugs. However, this affects hundreds of millions of WhatsApp users. A loophole was recently discovered in which criminals could hack into their own data. And malware recently threatened WhatsApp users. It could set a precedent: Facebook is suing a software company for the first time for WhatsApp espionage - but they are fighting back.