Check Point Research discovered a new WhatsApp security vulnerability. The app's image filter function opened up risks that could have exposed its 2 billion user data worldwide. Fortunately, a security patch was immediately released to fix the problem.
WhatsApp is one of the most popular messaging platforms available today. It has an estimated activity of 55 billion messages, 4.5 billion photos, and one billion videos exchanged per day. With many active users, WhatsApp is an attractive target for cybercriminals.
Therefore, it is crucial that the program fixes any issues and bugs found in its system.
WhatsApp Data Breach 2021: Security Vulnerabilities
According to The Economic Times, cybersecurity data firm Check Point Research (CPR) discovered and flagged security vulnerabilities on the WhatsApp image filter function. This is the process where pixels of an image are modified to achieve visual effects, like blur or sharpen.
CPR learned that switching between filters could cause WhatsApp to crash and even result in memory corruption. The vulnerability was named CVE-2020-1910. CPR said that "an attacker could have exploited the vulnerability to read sensitive information from WhatsApp memory."
The WhatsApp hack sounds simple, but CPR clarified it to be a complex process. To exploit the vulnerability, an attacker would have to apply specific image filters to a specially crafted image and send it as a message. Hackers would have a hard time completing the process.
However, rather than getting complacent, CPR disclosed its findings to WhatsApp, whose developers created a security patch addressing the issue. The actual discovery was made on November 10, 2020, according to Security Brief. Details for the vulnerability were likely revealed to the public only after WhatsApp finished fixing the problem.
A representative of WhatsApp said via Security Brief: "We regularly work with security researchers to improve the numerous ways WhatsApp protects people's messages, and we appreciate the work that Check Point does to investigate every corner of our app. People should have no doubt that end-to-end encryption continues to work as intended and people's messages remain safe and secure."
WhatsApp concluded its statement by saying they had no reason to believe this bug directly impacted their database. However, they recommend users to always update their apps and operating systems to load the latest security improvements.
WhatsApp Data Privacy: How to Download Latest Update
WhatsApp generally updates automatically if it received system permission. However, users might also receive a message requiring them to update the app or program manually. WhatsApp listed the following instructions for the update depending on the device:
- Android: Go to "Google Play Store" and search for "WhatsApp." Click on "Update"
- iPhone: Go to "App Store" and search for "WhatsApp." Click on "UPDATE"
- KaiOS: Go to "JioStore" or "Store." Scroll on the side and select "Social." Select "WhatsApp." Press "OK" or "Select" then "Update."
WhatsApp recommends users to complete these instructions or visit their respective app stores regularly to download the latest updates.
Related Article: YouTube Picture-in-Picture for iPhone, iPad: 3 Steps to Activate New Viewing Mode on iOS