The version of WhatsApp intended for computers contained until last month a security flaw. Corrected by an update, the vulnerability of the instant messaging program was likely to be used by hackers. They could indeed have accessed the files stored on the computer and potentially containing personal data.
Breaking News: PerimeterX researcher @WeizmanGal discovered a critical #security vulnerability in WhatsApp that allows cybercriminals to read from the file system access. Read his story in the new technical blog: https://t.co/dy3XZV0fEP #XSS #JavaScript pic.twitter.com/9ncYTOIAd6
- PerimeterX (@perimeterx) February 4, 2020PerimeterX and its cybersecurity expert Gal Weizman warned WhatsApp officials of the fragility they had discovered. They later revealed it publicly on their site on Tuesday. It is recommended to update the WhatsApp application for desktop in order to benefit from the resolution of the problem. The security flaw was corrected from versions 0.3.9309 of the software, specifies Presse-Citron .
Access to the files of targeted Internet users
Concretely, the dysfunction allowed Gal Weizman to send users links which he modified the display to hide their malicious nature. Using a JavaScript code and the JavaScript Fetch API, he could enter the files of the targeted Internet user. The researcher also had the opportunity to change the metadata of the messages.
The use of a bad framework in the structure of the email program is the source of this vulnerability. The one on which the program was based exploited version 69 of Chromium instead of 78. The declination of the mobile application on computer therefore did not have the latest updates and the security patches included therein.
By the Web
Coronavirus: Fennel rush due to viral message on Whatsapp
High-Tech
Finally, the advertising will not arrive immediately on Whatsapp
- High-Tech
- Computer
- messaging
- Application