WhatsApp vulnerable to attacks according to Cyber Security Agency

Update: 2019-11-21 11:24 GMT

[ by Kavita Krishnan ]

The Computer Emergency Response Team-India (CERT-In) has warned WhatsApp users about a “vulnerability” that can be used to attack the messaging app and compromise an individual system without seeking permissions. An advisory has been issued rating the severity of the threat, which is spread by an MP4 file, as “high”.

CERT-In is the nodal agency for combating hacking and phishing and for fortifying the security-related defenses of the Indian internet domain.

The warning comes against the backdrop of recent developments in which WhatsApp informed the Indian government in September that over a hundred Indian users were targeted by the Israeli spyware Pegasus. CERT-In has suggested “upgrading” to the latest version of WhatsApp to combat or tide over the problem.

According to CERT-In, a stack-based buffer overflow vulnerability exists in WhatsApp due to improper parsing of the elementary stream metadata of an MP4 file. A remote attacker could exploit this vulnerability by sending a specially crafted MP4 file to the target system. This could trigger a buffer overflow condition leading to execution of arbitrary code by the attacker. The exploitation doesn’t require any form of authentication from the victim and executes when the maliciously crafted MP4 file is downloaded onto the victim’s system.

CERT-In also added that successful exploitation of this vulnerability could allow the remote attacker to cause a Remote Code Execution (RCE) or Denial of Service (DoS) condition, which could lead to further compromise of the system. The only solution the agency points to on its website is to upgrade to the latest version of the messaging app.
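
To illustrate the class of bug the advisory describes, here is an added example (not WhatsApp's code and not part of the CERT-In advisory) of a parser that validates a file-supplied length before copying into a fixed-size buffer on the stack. Apart from the standard 8-byte MP4 box header, everything in it is an assumption made for illustration: `META_MAX`, `stream_meta`, `parse_meta_box`, `try_box` and the sample box.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define META_MAX 64   /* assumed capacity of the fixed-size destination */

struct stream_meta {          /* hypothetical holder for parsed metadata */
    uint8_t data[META_MAX];
    size_t  len;
};

/* MP4 (ISO BMFF) box headers store the box size as a 32-bit big-endian value. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Copy one box payload into out. Returns the payload length, or -1 on reject.
 * The unsafe pattern is memcpy(out->data, buf + 8, size - 8) with no checks:
 * the size field comes from the file, so the sender controls the copy length. */
int parse_meta_box(const uint8_t *buf, size_t len, struct stream_meta *out) {
    if (buf == NULL || out == NULL || len < 8) return -1;  /* 8-byte header */
    uint32_t size = be32(buf);             /* untrusted: size including header */
    if (size < 8) return -1;               /* size - 8 would wrap; 0/1 forms not handled here */
    if (size > len) return -1;             /* declares more bytes than were received */
    size_t payload = (size_t)size - 8;
    if (payload > sizeof out->data) return -1;  /* would overrun the fixed buffer */
    memcpy(out->data, buf + 8, payload);
    out->len = payload;
    return (int)payload;
}

/* Constructed sample input: a box with a chosen declared size, of which only
 * actual_len bytes are handed to the parser. The destination lives on the stack. */
int try_box(uint32_t declared, size_t actual_len) {
    uint8_t buf[256] = {0};
    struct stream_meta m;
    if (actual_len > sizeof buf) return -2;
    buf[0] = (uint8_t)(declared >> 24); buf[1] = (uint8_t)(declared >> 16);
    buf[2] = (uint8_t)(declared >> 8);  buf[3] = (uint8_t)declared;
    memcpy(buf + 4, "test", 4);            /* constructed box type */
    return parse_meta_box(buf, actual_len, &m);
}

int main(void) { return try_box(24, 24) == 16 ? 0 : 1; }
```

Each rejected case corresponds to a length the file declares but the parser cannot honour: a size smaller than the header, a size larger than the data received, or a payload larger than the destination.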

Facebook – WhatsApp’s parent company – has claimed that the snooping took place in April ahead of the elections in the country and has sued NSO, the Israeli firm that made the software. The social media giant claimed that Pegasus was used to target users not just in India, but across 20 nations.

According to the government agency, half a dozen WhatsApp software products have been "affected" by the current vulnerability. They have been identified as:

- WhatsApp for Android prior to 2.19.274
- WhatsApp for iOS prior to 2.19.100
- WhatsApp Enterprise Client prior to 2.25.3
- WhatsApp for Windows Phone prior to 2.18.368
- WhatsApp Business for Android prior to 2.19.104
- WhatsApp Business for iOS prior to 2.19.100.

On the other hand, WhatsApp said that there was no such vulnerability in its app and is said to be constantly working to improve the security of its service.
