Attackers using WhatsApp MP4 video files vulnerability can remotely execute code
Last week a severe vulnerability in the WhatsApp messaging software was uncovered, allowing hackers to perform remote code execution attacks. Facebook reported that the bug is a stick-based buffer overflow problem that can be prompted by attackers sending .MP4 video files. The vulnerability can be exploited to conduct denial-of-service (DoS) and remote code execution (RCE) attacks.
WhatsApp versions earlier than 2.19.274 on Andriod and 2.19.100 on iOS are affected by the vulnerability. Facebook advised users to update software to lower the risk of exploitation. Last May, WhatsApp was involved in controversy when Israeli organization NSO Group used a WhatsApp vulnerability to deploy Pegasus spyware on WhatsApp users. Since then, several other high-risk vulnerabilities in WhatsApp have been uncovered by security experts.