WhatsApp spokesperson Joshua Breckman told TechCrunch that the bugs were discovered in-house and that the company has seen “no evidence of exploitation.” But security research firm Malwarebytes said in its own technical analysis that the bug is found in a WhatsApp app component called “Video Call Handler,” which if triggered would allow an attacker to take complete control of a victim’s app. WhatsApp didn’t share any further details about the bug. This happens when an app tries to perform a computational process but has no space in its allotted memory, causing the data to spill out and overwrite other parts of the system’s memory with potentially malicious code.
WhatsApp has published details of a “critical”-rated security vulnerability affecting its Android app that could allow attackers to remotely plant malware on a victim’s smartphone during a video call.ĭetails of the flaw, tracked as CVE-2022-36934 with an assigned severity rating of 9.8 out of 10, is described by WhatsApp as an integer overflow bug.
0 kommentar(er)
