New WhatsApp Bug found in both Android and IoS by Sending Crafted MP4 File
By MYBRANDBOOK
A new critical vulnerability found in both Android/iOS WhatsApp version Let hackers sending a specially crafted MP4 file to WhatsApp user and trigger the stack-based buffer overflow to perform remote code execution and DoS Attack.
The specially crafted MP4 file triggers the remote code execution (RCE) and denial of service (DoS) cyberattack. “The vulnerability is classified as ‘Critical’ severity. It affected an unknown code block of the component MP4 File Handler in WhatsApp,” gbhackers reported.
Facebook said, “A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. “The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”
The vulnerability affected the following Versions:
· Android versions prior to 2.19.274
· iOS versions prior to 2.19.100,
· Enterprise Client versions prior to 2.25.3
· Business for Android versions prior to 2.19.104
· Business for iOS versions prior to 2.19.100
· Windows Phone versions before and including 2.18.368
The vulnerability classified as “Critical” Severity that affected an unknown code block of the component MP4 File Handler in WhatsApp. Successful exploitation of this bug leads the manipulation as part of a Message to trigger the Stack-based memory corruption vulnerability in WhatsApp Messenger.
Hackers can take advantage of this vulnerability to deploy the malware on the user’s device to steal sensitive files and also used to surveillance purposes. The RCE vulnerability allows hackers to perform the attack remotely without any sort of authentication.
This is not the first time Remote code execution vulnerability found in WhatApp in this year, we have reported another WhatsApp RCE Vulnerability in last month that allowed remote hackers to steal the files in your Android phone using malformed GIF’s. There is no technical details are available for this critical WhatsApp Vulnerability and an exploit is not available at this moment.
The news comes on the heels an Israeli software Pegasus by cyber intelligence company NSO Group that exploited its video calling system to snoop on 1,400 users globally. In India, the list included human rights activists and journalists. The issue snowballed into a political one and the Indian government denied either purchasing or planning to purchase the infamous software in question.
“We agree with the government of India’s strong statement about the need to safeguard the privacy of all Indian citizens. That is why we’ve taken this strong action to hold cyber attackers accountable and why WhatsApp is so committed to the protection of all user messages through the product we provide,” a WhatsApp spokesperson had said in a statement.
BREAKING NEWS
TECHNO TRENDS
Legal Battle Over IT Act Intensifies Amid Musk’s India Plans
The outcome of the legal dispute between X Corp and the Indian government c...
Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth
The agreement, executed through Wipro and its 100% subsidiary,...
Centre announces that DPDP Rules nearing Finalisation by April
The government seeks to refine the rules for robust data protection, ensuri...
Home Ministry cracks down on PoS agents in digital arrest scam
Digital arrest scams are a growing cybercrime where victims are coerced or ...
E-Magazine
TECHNOTAINMENT
Hrithik Roshan to endorse RuPay as Brand Ambassador
RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha
India Today Group launches – AI Pop Stars
Staying true to our industry leadership position in using cutting-edge tech
MOVERS & SHAKERS
TelioLabs ropes in Phaniraj V A as the Group CEO
TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE
Wipro Appoints Amit Kumar as Managing Partner and Global Head
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s
OPEN YOUR EYES
INTERVIEWS
Cisco building a trusted and resilient future for the nation
Security is foundational to everything Cisco does and customers insist on e
Delivering Critical Business Communication Solutions to Enterp
Arya Omnitalk and Syntel’s comprehensive suite of solutions and more than
HOT PICK
MSI Announces the availability of RTX 50 series of laptops in
MSI, the innovative computing manufacturer in gaming, creator
Nothing Phone (3a) goes on sale today, starting at Rs 19,999
The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t
MAKE IN INDIA BRANDS
ALPHAMAX TECHNOLOGIES PVT. LTD.
TAC SECURITY SOLUTIONS
ACER INDIA PVT. LTD.
DRUVA SOFTWARE PVT. LTD.
EMINENT CIO'S OF INDIA
ICONS OF INDIA
ICONS OF INDIA : SUNIL BHARTI MITTAL
Sunil Bharti Mittal is the Founder and Chairman of Bharti Enterprises,...
ICONS OF INDIA : RAJESH NAMBIAR
Rajesh leads the company’s India associates and enhances relationshi...
Icons Of India : Kumar Mangalam Birla
Aditya Birla Group chairman Kumar Mangalam Birla recently made a comeb...
PARTNER SPEAKERS
PSU
IOCL - Indian Oil Corporation Ltd.
IOCL is India’s largest oil refining and marketing company ...
ITI - ITI Limited
ITI Limited is a leading provider of telecommunications equipment, sol...
CSC - Common Service Centres
CSC initiative in India is a strategic cornerstone of the Digital Indi...
VIDEOS
Top 25 Brands
Global Indian industry
Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated
Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...
Indian Tech Talent Excelling The Tech World - Aneel Bhusri, CEO, Workday
Aneel Bhusri, Co-Founder and Executive Chair at Workday, has been a le...
Indian Tech Talent Excelling The Tech World - JAY CHAUDHRY, CEO – Zscaler
Jay Chaudhry, an Indian-American technology entrepreneur, is the CEO a...
ITFORUM 2025
CMO of the Year
WOMEN LEADERSHIP
IMAGE GALLERY
TRENDS IN TECHNOLOGY
MORE VIDEOS
ADVERTISEMENTS
TECHNOLOGY DISRUPTION
UNICORNS REVOLUTIONISING
of images belongs to the respective copyright holders
