Patch That WhatsApp Zero-Day Exploit

Facebook has recently patched a critical zero-day exploit in WhatsApp, WhatsApp is urging users to update as soon as possible because hackers are able to exploit you remotely to install spyware on phones by calling the targeted device.

WhatsApp did not name the threat actor exploiting the CVE-2019-3568, it described the attackers as an “advanced cyber actor” that targeted “a select number of users.”

WhatsApp advisory confirmed Monday that the flaw – now patched – is a

WhatsApp buffer overflow vulnerability in WhatsApp’s VOIP stack, which allows remote code execution via specially crafted series of SRTCP [Secure Real Time Transport Protocol] packets sent to a target phone number.

“A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.” details provided by Facebook.

Facebook however did fix the issue with the release of WhatsApp for Android 2.19.134, WhatsApp Business for Android 2.19.44, WhatsApp for iOS 2.19.51, WhatsApp Business for iOS 2.19.51, WhatsApp for Windows Phone 2.18.348, and WhatsApp for Tizen 2.18.15. Any prior version of the popular instant messaging app is vulnerable. The company also implemented a server-side patch that was deployed at the end of last week.

Make sure you go into your app stores and install the latest update.

Leave a Comment

Stay Informed

Receive instant notifications when new content is released.