Facebook Patched a Security Vulnerability in Whatsapp Desktop

If you use WhatsApp for PC to chat on your computer, you must update the WhatsApp’s desktop version. In WhatsApp’s Mac and Windows versions, facebook patched a security vulnerability allowing attacker to insert JavaScript into messages and access files remotely from a Windows or a Mac computer.

WhatsApp Desktop was using an earlier Google’s Chrome web engine release (Chrome Ver. 69) with known flaws which made slip the rogue code relatively easy. It wasn’t hard to change texts, check for sensitive documents.

Facebook built WhatsApp on an Electron framework that makes it easier to deliver web-based multiplatform apps. Electron isn’t secure if an app is based on an outdated web engine.

When you update your desktop version and also update the app on your Andorid and iOS phones to the latest versions, you are probably safe. The flaws affects WhatsApp’s desktop software from version 0.3.9309 and earlier, and those who have paired the desktop app with WhatsApp for iOS versions prior to 2.20.10.

US National Vulnerability Data (NVD): “A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message.”

The solution: to update or, more simply, uninstall the app and reinstall it on the phone.

What's Your Reaction?
In Love
Not Sure
View Comments (0)

Leave a Reply

Your email address will not be published.

© 2020 The Pexels, LLC. All Rights Reserved.

Scroll To Top