WhatsApp is an app that almost everyone uses, so a vulnerability It represents a very serious problem. Although the fault is found in something secondary such as GIFs, It is important update WhatsApp as soon as possible, because it compromises the security of millions of Android phones.
WhatsApp vulnerability is identified as CVE-2019-11932, and at the technical level it allows the remote execution of code. Put more colloquially, someone can send us a GIF specially designed for take control of many smartphone functions.
To avoid the problem, we must have a WhatsApp version equal to or greater than 2.19.244. All Android smartphones suffer from this fault, but only those with Android 8.1 and 9 are at real risk, as the malicious GIF fails before fulfilling its objective in the previous versions.
The attack will take place in two phases, first they will send us an infected GIF, which is stored in the mobile galley. When we decide send a photo the malicious code is activated, which has access to the same resources as the WhatsApp app itself: conversations, microSD card, camera, microphone …
If you have not already done so, you can follow our tutorial to update WhatsApp, since a corrected version is already uploaded to the Google Play Store.
In principle, there is no evidence that this vulnerability has been used in real environments. It was discovered by a Singapore security expert, who calls himself Awakened, and WhatsApp corrected it after being informed.
That s, the vulnerability comes from a free code fragment, which anyone can integrate into their apps. It is possible that in the following days we will see more developers launching updates of those applications that also use it.
Our recommendation is clear, you must update WhatsApp immediately, because malware could begin to circulate through GIFs that would pose a real risk to users.
How to open a "with yourself" chat on WhatsApp
Are you worried about this vulnerability in WhatsApp? Have you already updated your Android phone to be safe?
