Ethical Hacking News
Meta has warned Windows users about a new security vulnerability in WhatsApp that could allow attackers to run malicious code on their devices. Users are advised to update the app to the latest version as soon as possible to patch the issue.
Meta has warned Windows users to update their WhatsApp app due to a security vulnerability that can execute malicious code on devices. The vulnerability, CVE-2025-30401, is a spoofing issue affecting all versions of WhatsApp for Windows. A maliciously crafted attachment could cause the recipient to execute arbitrary code rather than view the attachment. Users are advised to update their WhatsApp app to the latest version and exercise caution when opening attachments from unknown sources.
Meta has issued a warning to its Windows users, urging them to update their WhatsApp messaging app to the latest version in order to patch a vulnerability that can allow attackers to execute malicious code on their devices. The vulnerability, tracked as CVE-2025-30401, is described as a spoofing issue and affects all versions of WhatsApp for Windows.
The problem lies in the way WhatsApp handles attachments on Windows devices. According to WhatsApp's explanation, a maliciously crafted mismatch between the attachment's MIME type and its file opening handler could cause the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening it inside WhatsApp. This means that if an attacker can trick a user into opening a maliciously crafted attachment with a spoofed file extension, they could potentially run malicious code on the device.
The vulnerability was discovered by an external researcher who submitted it to Meta's Bug Bounty program. The company has since released an update for WhatsApp version 2.2450.6, which patches the security flaw. However, it is not clear whether the vulnerability was exploited in the wild before the patch was released.
This latest security issue is part of a pattern of vulnerabilities and exploits that have plagued WhatsApp over the past year. In July 2024, the company addressed a similar issue that allowed Python and PHP attachments to be executed without warning on Windows devices with Python installed. More recently, WhatsApp patched a zero-click, zero-day security vulnerability that was exploited to install Paragon's Graphite spyware.
The use of WhatsApp as a vector for spyware attacks has become increasingly common in recent years. According to reports from security researchers at the University of Toronto's Citizen Lab, WhatsApp has been targeted in numerous spyware attacks, including one in which approximately 90 Android users from over two dozen countries were alerted after mitigating the security issue on WhatsApp servers. The attack vector was addressed without the need for a client-side fix, and WhatsApp decided against assigning a CVE-ID to the vulnerability due to its internal policies.
The exploitation of zero-day vulnerabilities has become an increasingly popular tactic among attackers in recent years. A U.S. federal judge recently ruled that Israeli spyware maker NSO Group used WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices, thus violating U.S. hacking laws. Court documents revealed that the spyware maker's developers reverse-engineered WhatsApp's code to create tools that sent malicious messages that installed spyware, violating federal and state laws.
The impact of this vulnerability is not limited to WhatsApp users alone. As attackers can potentially execute arbitrary code on devices running WhatsApp, this raises serious concerns about the security of Windows PCs more broadly. With the widespread use of messaging apps like WhatsApp, it is essential for device owners to stay vigilant and take steps to protect their devices from potential attacks.
In light of this latest vulnerability, users are advised to update their WhatsApp app to the latest version as soon as possible. Users can do so by going to the Microsoft Store or downloading the update directly from Meta's website. Furthermore, it is essential for device owners to exercise caution when opening attachments or files from unknown sources and to keep their devices up-to-date with the latest security patches.
In conclusion, the WhatsApp security flaw highlights the importance of ongoing vigilance in the face of emerging threats. As attackers continue to exploit vulnerabilities in popular messaging apps like WhatsApp, it is crucial for device owners to stay informed and take proactive steps to protect themselves from potential attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/Exploiting-the-Vulnerability-A-Deep-Dive-into-the-WhatsApp-Security-Flaw-ehn.shtml
https://www.bleepingcomputer.com/news/security/whatsapp-flaw-can-let-attackers-run-malicious-code-on-windows-pcs/
Published: Tue Apr 8 13:16:09 2025 by llama3.2 3B Q4_K_M