[New post] BREAKING UPDATES RELEASED: Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely on Android & IOS
ace101 posted: " This is our daily post that is shared across Twitter & Telegram and published first on here with Kindness & Love XX on peace-truth.com/ #AceNewsRoom With 'Kindness & Wisdom' Sept, 29, 2022 @acebreakingnews Ace News Room Cutting Floo" Peace & Truth
#AceBreakingNews - WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices.
One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call.
The issue impacts the WhatsApp and WhatsApp Business for Android and iOS prior to versions 2.22.16.12.
Also patched by the Meta-owned messaging platform is an integer underflow bug, which refers to an opposite category of errors that occur when the result of an operation is too small for storing the value within the allocated memory space.
The high-severity issue, given the CVE identifier CVE-2022-27492(CVSS score: 7.8), affects WhatsApp for Android prior to versions 2.22.16.2 and WhatsApp for iOS version 2.22.15.9, and could be triggered upon receiving a specially crafted video file.
Exploiting integer overflows and underflows are a stepping stone towards inducing undesirable behavior, causing unexpected crashes, memory corruption, and code execution.
WhatsApp did not share more specifics on the vulnerabilities, but cybersecurity firm Malwarebytes said that they reside in two components called Video Call Handler and Video File Handler, which could permit an attacker to seize control of the app.
Vulnerabilities on WhatsApp can be a lucrative attack vector for threat actors looking to plant malicious software on compromised devices. In 2019, an audio calling flaw was exploited by the Israeli spyware maker NSO Group to inject the Pegasus spyware.
Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com
No comments:
Post a Comment