Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Science
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Find Cricket Statistics
Hindi
More
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Science
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / Science News / Alert: Don't send GIFs via WhatsApp, till you update it
  • Science

    Alert: Don't send GIFs via WhatsApp, till you update it

    Mudit Dube
    Written by
    Mudit Dube
    Twitter
    Last updated on Oct 05, 2019, 07:14 pm
    Alert: Don't send GIFs via WhatsApp, till you update it
  • A new vulnerability has been discovered in WhatsApp which allows hackers to gain access to your files and messages by leveraging malicious GIFs.

    In a technical write-up on Github, a Singapore-based researcher has explained the flaw, noting that the security flaw arises from a double-free bug in WhatsApp.

    However, the vulnerability has been addressed by the company in version 2.19.244.

  • In this article
    What is a double-free bug? Here's how WhatsApp's double-bug puts your phone at risk Primarily, the vulnerability seems to affect Android devices What should you do?
  • Information

    What is a double-free bug?

  • For the uninitiated, a double-free bug refers to a memory corruption issue that can cause the program to crash or, in some cases, open up an exploit vector that hackers can abuse to obtain access to your device without your knowledge.

  • Modus operandi

    Here's how WhatsApp's double-bug puts your phone at risk

    Here's how WhatsApp's double-bug puts your phone at risk
  • The WhatsApp double bug vulnerability can be exploited by sending a malicious GIF file to a user via any channel.

    Once the GIF is on the phone, the attack gets triggered as soon as the user opens WhatsApp's media gallery. Since WhatsApp shows previews of every media (including the malicious GIF), it will set-off the double-free bug and place the Remote Code Execution exploit.

  • Concerns

    Primarily, the vulnerability seems to affect Android devices

    Primarily, the vulnerability seems to affect Android devices
  • According to the researcher, the exploit "works well for Android 8.1 and 9.0, but does not work for Android 8.0 and below."

    "In the older Android versions, double-free could still be triggered. However, because of the malloc calls by the system after the double-free, the app just crashes before reaching to the point that we could control the PC register," he noted.

  • Information

    What should you do?

  • As it turns out, the company has acknowledged the vulnerability and patched it officially in WhatsApp version 2.19.244. So, to secure your device, all you need to do is update your WhatsApp app.

  • WhatsApp
  • GitHub
  •  
Latest News
  • 'GoT' ending still getting trolled; Marvel joins the fun now
    'GoT' ending still getting trolled; Marvel joins the fun now
    Entertainment
  • Netflix orders 'Terminator' anime, series to expand parent franchise
    Netflix orders 'Terminator' anime, series to expand parent franchise
    Entertainment
  • Chelsea vs Manchester United: Head-to-head, stats and form guide
    Chelsea vs Manchester United: Head-to-head, stats and form guide
    Sports
  • Netflix to pump in $500mn for Korean content this year
    Netflix to pump in $500mn for Korean content this year
    Entertainment
  • ISRO launches Brazil's Amazonia-1, 18 satellites; first launch of 2021
    ISRO launches Brazil's Amazonia-1, 18 satellites; first launch of 2021
    India
Related Timelines
  • NewsBytes Briefing: Apple's online store launching next week, and more
    NewsBytes Briefing: Apple's online store launching next week, and more
    Science
  • How hackers used WhatsApp, LinkedIn to target human rights activists
    How hackers used WhatsApp, LinkedIn to target human rights activists
    Science
  • #WeeklyRecap: Free Google Meet, bugs in Chrome, Microsoft Teams, more
    #WeeklyRecap: Free Google Meet, bugs in Chrome, Microsoft Teams, more
    Science
Trending Topics
Samsung OnePlus Mobiles Android TV Smart TV Latest Gadget Launch MediaTek Dimensity 1000+ COVAXIN Latest Tech News Upcoming Mobile Phones
Next News Article
Share
Cancel

Want to share it with your friends too?

Facebook Whatsapp Twitter Linkedin
Copied

Love Science news?

Subscribe to stay updated.

Science Thumbnail
India News Business News World News Politics News Sports News Science News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Bharti Airtel Mukesh Ambani Indian Premier League Samsung Virat Kohli Rohit Sharma
Cricket News YouTube Hollywood News WhatsApp Bollywood News ISRO Yoga Honda Batman Football News
BMW Vaccine Reliance Jio OPPO Food News, Healthy Recipes Royal Challengers Bangalore Toyota Fashion Tips Farmers Protest Mohammed Bin Salman
Mercedes Europa League Isha Ambani India Vs England Cricket OnePlus Mobiles Android TV Smart TV Marvel Comics Avengers Neha Kakkar
Premier League Big Bang Theory X-Men TATA
About Us Privacy Policy Terms & Conditions Contact Us News Reviews News Archive Topics Archive Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2021