If you’re using WhatsApp on a Windows PC, it’s crucial to exercise caution with file attachments. Instead of simply receiving a photo or video, you might inadvertently download malware. This vulnerability enables cyber attackers to disguise malicious code as seemingly innocuous attachments.
Impact on WhatsApp’s Windows Application
WhatsApp identifies incoming attachments by their MIME type—the identifier for the file’s content. However, the app relies on the file extension when opening it. This newly discovered vulnerability exploits this inconsistency. A file that’s presented as an image could, in fact, be an .exe file, which executes a program upon being clicked.
According to Meta, WhatsApp’s parent company, if a user tries to open such an attachment, instead of displaying its content, the malicious code could be executed. This issue specifically affects the WhatsApp Windows app and has been addressed in version 2.2450.6.
Yorum Yap