Facebook and Google are expanding their reach into a new way of communicating with each other.What they have in common is the ability to share, in real time, information with eachother.Both companies are investing heavily in this space.The Facebook-owned Instant Messenger service has seen growth over the past year and a half and is currently valued at over $6 billion.But the new company, Twitter, ...
6 months ago https://www.theguardian.com/technology/2017/jan/12/whatsapp-latest-update-bugs-security-article-3916085 The latest version of WhatsApp is the company’s worst ever release.
The messaging app had been out of beta for more than a year when the latest security flaw was discovered in the latest update.
It was also one of the first apps to suffer an internal flaw that could allow attackers to remotely execute code in a victim’s phone.
“WhatsApp has a long history of vulnerability disclosure and fixing,” WhatsApp security expert Alex Halderman said.
“They have been known to release a security patch, but we’ve never seen a patch as bad as this.”
The flaw affects all WhatsApp users and users of older versions of WhatsApp, but it affects WhatsApp’s users of newer versions of the app as well.
WhatsApp said in a blog post on Tuesday that it was working on fixing the flaw and would begin rolling out the update in a few days.
“We are currently fixing the issue and are preparing to roll out the next major update to the WhatsApp app,” the blog post read.
“If you use WhatsApp in your daily life and need help, please contact support.”
WhatsApp also updated its app with a fix for the flaw that also addresses other security issues in the app.
“The new WhatsApp fix resolves a potential flaw in the way our API handles requests for access to our user data,” the company said.
WhatsApp has said that it fixed the bug in its beta software and plans to roll the update out as soon as it is available.
However, some WhatsApp users were disappointed that the update didn’t fix the other flaws that have been disclosed to date.
The most recent flaw in WhatsApp was first reported by security researchers at security firm Trend Micro.
It allows attackers to exploit a flaw in a way that allows them to hijack an incoming call or text message.
The flaw is the third such vulnerability that has been disclosed in the past month, and the latest one has been fixed in the current update.
A researcher named Jelte Eickhout of Trend Micro said that WhatsApp was one of several apps that were vulnerable to the same flaw.
“This bug is a very bad one,” Eickhrout told CNN.
“It is a serious security issue, and it’s a huge win for WhatsApp because it makes them vulnerable.”
The vulnerability in WhatsApp came to light when researchers noticed that an unknown attacker had exploited a different vulnerability in another app to access the user’s WhatsApp account.
“When we found the first vulnerability in that app, we fixed the second one as well, and then we were able to use this second vulnerability to launch this attack,” Eich told CNN’s Chris Cuomo.
Eich added that it took WhatsApp more than three days to address the second flaw.
In its post on the latest vulnerability, WhatsApp said that the vulnerability is “an exploitable attack surface” that could be used by attackers to steal data or use it to execute malicious code on the device.
“To be clear, this attack surface is not limited to WhatsApp’s API.
This attack surface can also be exploited on other platforms, such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform,” the app said.
The researchers said that a new version of the WhatsApp platform update could fix the second issue.
“Based on our investigation, we believe that this second issue in the API was exploited by a remote attacker to send malicious SMSs, and this exploit was patched in the next WhatsApp update,” the team wrote.
“In other words, WhatsApp has been using the same exploit since February and the exploit was fixed in this new update.”
Eich said that this latest security issue could lead to the “biggest security bug ever” in WhatsApp.
The second flaw could allow hackers to remotely exploit a vulnerability in the platform to launch a malicious attack on the user.
The exploit can be used to send spam messages to WhatsApp users, send malicious email to WhatsApp administrators, or execute malicious software to take control of WhatsApp’s user accounts.