The past few months have not been good to WhatsApp users. Unfortunately, that doesn't look like it's about to change any time soon.
The Facebook-owned messaging app acknowledged and patched a major vulnerability that gave hackers the ability to access files on a victim's computer. All you had to do to fall prey to this attack was click a disguised link preview sent via the messaging app. In other words, it would have been an easy mistake for users to make.
Importantly, this did not affect every single WhatsApp user. Rather, a WhatsApp user had to have the iOS version of the messaging app paired to either a PC or MacOS WhatsApp desktop app.
"A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading," reads the Facebook bug report. "Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message."
In a Feb. 4 blog post, the security researcher who discovered and disclosed the vulnerability detailed his process and noted that WhatsApp should really get its shit together.
"It is 2020," wrote Gal Weizman, "no product should be allowing a full read from the file system and potentially a [remote code execution] from a single message."
Patrick Wardle, a security researcher at Jamf and founder of Objective-See, told Mashable over Twitter direct message that "often desktop versions of apps aren't as well audited or well written ...and thus often open to attacks."
He added that this specific bug "was likely rather trivial to exploit," but cautioned against people freaking out.
"[Still]," wrote Wardle, "a super neat bug, and had the potential to impact lots of users (I use WhatsApp desktop), so definitely happy a security researcher uncovered it and that FB patched it quickly."
We reached out to Facebook in an effort to determine how many people were vulnerable to this exploit and how many, if any, were actually affected by it. We've received no response as of press time.
Notably, WhatsApp vulnerabilities can have serious consequences. Just this past month, a security firm hired by Amazon CEO Jeff Bezos claimed in a report that the CEO's phone may have been hacked following the receipt of a malicious WhatsApp message. And while Bezos will be fine, people with less power and resources who fall victim to similar attacks may not fare as well.
Facebook is aware of this, but suggests at least some of the blame should lie elsewhere. Following the news of Bezos' hacked phone, the company's vice president of Europe, the Middle East and Africa, Nicola Mendelsohn, suggested to Bloomberg that Apple is the real problem here.
"One of the things that it highlights is actually some of the potential underlying vulnerabilities that exist on the actual operating systems on phones," Mendelsohn told the publication. "From a WhatsApp perspective, from a Facebook perspective, the thing that we care about the most, the thing that we invest in is making sure that the information that people have with us is safe and secure."
Which, yeah, great. Making sure WhatsApp information is "safe and secure" sounds great, but perhaps that should include not allowing malicious texts that let hackers access victims' computers? Sounds like a good place to start.
Or, if that's too much, maybe Facebook should start recommending Signal.
UPDATE: Feb. 5, 2020, 2:02 p.m. PST: This story has been updated with comment from Patrick Wardle.