A recent technical write-up by a security researcher, asks WhatsApp users to update the app if they haven’t in a short time. The researcher revealed that the instant messaging platform is harbouring a critical threat to the user’s data security.
The security researcher identified as ‘Awakened’ on GitHub, says the phenomenon ‘double free vulnerability’ instigates the data vulnerability, it can either cause the app to crash or allow hackers to access your device.
‘Awakened’ writes that the threat is in the form of an infected gif file; however, only opening the corrupted gif file grants hackers access to your images and messages. The researcher states that receiving the corrupted gif won’t do any harm; opening, viewing and sending it across will trigger the vulnerability.
The threat is critical because even previewing the corrupted gif can initiate a breach of your security, and because WhatsApp previews all data, the breach can be instigated unwillingly as well.
However, the threat is only for Android users. The technical piece says that the vulnerability only exists in Android systems. The researcher writes, "The exploit works well until WhatsApp version 2.19.230. The vulnerability is official patched in WhatsApp version 2.19.244,". They added, "The exploit works well for Android 8.1 and 9.0, but does not work for Android 8.0 and below. In the older Android versions, double-free could still be triggered."
Therefore, the researcher has advised all WhatsApp users with Android devices to update their apps as soon as possible.
Responding to the researcher and concerned WhatsApp users, a WhatsApp spokesperson told The Next Web that, "It was reported and quickly addressed last month. We have no reason to believe this affected any users though of course we are always working to provide the latest security features to our users."