Skip to main content

Advertisement

Advertisement

WhatsApp users should 'immediately' update to latest versions to fix security flaws: SingCert

SINGAPORE — WhatsApp has released an update to address security flaws that could allow attackers to gain complete control of a targeted user's mobile application, the Singapore Computer Emergency Response Team (SingCert) said in a statement on Wednesday (Sept 28). 

A new payment mode was unveiled by messaging platform WhatsApp on May 9, 2023.

A new payment mode was unveiled by messaging platform WhatsApp on May 9, 2023.

Follow TODAY on WhatsApp

SINGAPORE — WhatsApp has released an update to address security flaws that could allow attackers to gain complete control of a targeted user's mobile application, the Singapore Computer Emergency Response Team (SingCert) said in a statement on Wednesday (Sept 28). 

The government cybersecurity response team urged WhatsApp users to download the latest versions "immediately", though it added that there are so far no reports of active exploitation of the remote code execution vulnerabilities. 

The first vulnerability affects the Video Call Handler component.

An attacker can exploit this during a video call with a targeted user to take complete control of their WhatsApp app, SingCert explained. 

The second vulnerability affects the Video File Handler component by sending a specially crafted video file to targeted users and convincing them to play it.

The following versions are affected by the first vulnerability: 

  • WhatsApp for iOS and Android before version 2.22.16.12 
  • WhatsApp Business for iOS and Android before version 2.22.16.12

The following versions are affected by the second vulnerability: 

  • WhatsApp for Android before version 2.22.16.2 
  • WhatsApp for iOS before version 2.22.15.9

Users are advised to update to the latest versions of WhatsApp immediately by visiting their app stores and they are encouraged to enable automatic updates to ensure the app is updated promptly, SingCert said. 

Related topics

WhatsApp cybersecurity SingCERT Android iOS

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.