WhatsApp, Meta’s instant messaging and contacting assistance, has posted aspects of a ‘critical’ vulnerability that has been patched in a more recent version of the app but could nevertheless affect more mature put in versions that have not been updated.
WhatsApp, in the update, shared a in depth situation similar to vulnerability CVE-2022-36934, according to which “an integer overflow in WhatsApp for Android prior to v126.96.36.199, Business enterprise for Android prior to v188.8.131.52, iOS prior to v184.108.40.206, Business for iOS prior to v220.127.116.11 could outcome in remote code execution in an set up video connect with.”
According to the facts, the bug would enable an attacker exploit integer overflow, following which they can get accessibility to execute their very own code on a victim’s smartphone by means of a specially crafted movie simply call.
This vulnerability has been offered a severity score of 9.8 out of 10 on the CVE scale.
In the same safety advisory update, WhatsApp also stated a further vulnerability, CVE-2022-27492. According to the social media company, “an integer underflow in WhatsApp for Android prior to v18.104.22.168, WhatsApp for iOS v22.214.171.124 could have prompted distant code execution when acquiring a crafted video file.”
This mentioned, the bug would enable attackers execute the code on the victim’s smartphone using a malicious movie file. The vulnerability was scored 7.8 out of 10.
In an India-associated improvement for the social media platform, the head of WhatsApp’s India payment company, Manesh Mahatme, has stop immediately after additional than a calendar year with the Meta Platforms-owned enterprise to be part of Amazon India, a resource instructed Reuters on Thursday.
Mahatme’s exit arrives at a vital time for WhatsApp, which is trying to get to ramp up its payments company in a very aggressive market and lock horns with a lot more founded players these as Alphabet’s Google Fork out, Ant Team-backed Paytm and Walmart’s PhonePe.
All through his stint at WhatsApp Pay back, the corporation received regulatory approval to a lot more than double its payments offering to 100 million customers in India, its most important sector with more than 50 percent a billion users all round.