WhatsApp has fixed up a susceptibility that could enable an attacker to flip through susceptible data from the app’s memory, comprising private messages exploiting a specified crafted image. The vulnerability was reported to WhatsApp by cybersecurity firm Check Point Research and is contained within the image filter function of WhatsApp for Android and WhatsApp Business for Android that enables users to add filters to their images.
The Facebook-owned company repaired the safety problem after it was noted by Check Point investigators and asserted that there was no indication that the susceptibility was ever exploited. Investigators at Check Point Research were proficient to uncover the susceptibility that is technically a memory corruption problem while glancing at the means WhatsApp functions and sends images on its outlet.
During the study, it was established the image filter purpose of the messaging app crashes when it was utilized with some specially-designed GIF files. That took the researchers to the juncture from where they were able to sight the loophole.
Based on Check Point Research, the susceptibility could be ignited after a user opens an attachment comprising a malevolently crafted image file, attempts to apply a filter, and then delivers the image with the filter applied back to the attacker. The investigators, hence, reported that hackers would have needed “complex steps and extensive user interaction” to manipulate the problem.