The vulnerability has already been resolved with the latest update, but was made known today
a new one has been discovered WhatsApp vulnerability which affected the hugely popular group chats and which caused a application crash by sending a single message in the collective conversation. The researchers of Check Point Software Technologies Ltd., the leading provider of cybersecurity solutions globally.
Of course, for many terrible chats such as that of condominiums or the parents of students it could also be a commendable subversive act to bring everything down, but the problem of the app used by over a billion and a half users not at all to be underestimated and to be taken lightly.
In many cases, in fact, the crash caused an error that could not be corrected simply by reopening the application, but it was need to uninstall and reinstall the software. Not only that, because it seems that the restoration would also be compromised, therefore it would have been impossible to re-enter the group chat losing all the history.
An attacker could therefore create a sort of loop by exploiting the vulnerability to continue crashing the application. But how does it work, how do you become at risk? The cybercriminal enters the WhatsApp group and sends a special message modified with malicious code through the WhatsApp Web online platform also using a web browser debugging tool.
The result of the crash discovered by the Check Point team affects all members of the group by continuing to tilt the application with theinability to return. The bug insinuates itself in communications between WhatsApp and WhatsApp Web by accessing and manipulating what can be defined as the "participant parameter" which contains information such as the telephone number for identification purposes.
Check Point Research has already communicated the bug to WhatsApp on the occasion of the bounty bug program on August 28th with the result that the corrections were included in version 2.19.58 distributed last September, which, moreover, finally put a block on the indiscriminate addition of users to unwanted groups.
In general, to avoid problems the number one advice is always to keep the application updated the latest version available for both Android and iPhone.