New Delhi, Nov 9 (SocialNews.XYZ) The Indian Computer Emergency Response Team (CERT-In) has warned users of multiple vulnerabilities in WhatsApp and WhatsApp Business for iOS which could allow a remote attacker to bypass security restrictions or execute arbitrary code on the target system.
One vulnerability was found in the Screen Lock feature in WhatsApp and WhatsApp Business for iOS due to improper authorisation of input, CERT-In said in a vulnerability note.
An attacker could exploit this vulnerability by using the Siri virtual assistant to communicate even after the phone is locked, said the note last week which carried a "high" severity rating.
Another vulnerability was found in the logging library in WhatsApp and WhatsApp Business for iOS due to what is called a "use-after-free" error.
A remote attacker could exploit this vulnerability by sending a specially crafted animated sticker to the target user while placing a WhatsApp video call on hold, resulting in several events occurring together in sequence, CERT-In said.
Successful exploitation of this vulnerability could lead to memory corruption, denial of service conditions or execution of remote code.
To protect themselves from these vulnerabilities, users should install the latest and updated version of WhatsApp and WhatsApp Business from AppStore, CERT-In said.
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz