Are you using WhatsApp on an old mobile handset? You could fall easy prey to hackers.
The Meta-owned freeware has revealed that a critical bug could affect older installations on devices not updated with its latest version. It could allow a hacker to exploit a code error, known as an integer overflow, to execute commands on your device remotely.
“An integer overflow in WhatsApp for Android prior to v220.127.116.11, Business for Android prior to v18.104.22.168, iOS prior to v22.214.171.124, Business for iOS prior to v126.96.36.199 could result in remote code execution in an established video call,” WhatsApp said in an update.
You can fall victim to remote code executions (RCEs) by downloading malware. Your geographic location does not matter.
Not one but two bugs
The new bug has been named CVE-2022-36934, with a severity score of 9.8 out of 10 on the Common Vulnerabilities and Exposure (CVE) scale. That is not all. WhatsApp has also revealed the details of another bug that could cause an RCE when you receive a crafted video file. The company has removed both these bugs in its latest version.
On Monday, WhatsApp announced it was rolling out Call Links to ease the process of starting and joining a call. You can do these in just one tap. The company is also testing secured and encrypted group video calls for up to 32 people on the app.