News

WhatsApp suffered from vcard leak in web client

By admin
Spread the love

WhatsApp has patched a vulnerability in WhatsApp Web that allowed an attacker to open a vcard containing malware in the browser. The attacker would have had enough with only the phone number of his target.

WhatsApp Web users can open attachments sent by third parties through the mobile platform, including business cards of the vcard file type. An attacker was found to be able to mask malicious code such as such a vcard, causing a recipient to run malware on its system upon opening, warns security researcher Kasif Dekel of Check Point. All the attacker needed was the WhatsApp account phone number. WhatsApp Web did not validate vcard-type files.

WhatsApp rolled out an update on August 27 to close the leak, six days after being notified by Check Point. Versions higher than 0.1.4481 would not have the vulnerability and Check Point recommends that users who are still on an old version update it. WhatsApp has 900 million users worldwide, but how many people use the web client is unknown.

You might also like
News

EU Council determines position on security requirements for digital products

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

ASUS will produce and support NUC mini PCs after Intel exit

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Telegram has over 800 million active users and is not yet profitable

News

Eurostar starts check-in with facial recognition at train stations in London