Remote Code Execution (RCE) vulnerability on WhatsApp

14 May 2019

Security researchers discovered a Remote Code Execution (RCE) vulnerability on WhatsApp, which can be exploited by sending malicious codes to targeted phone numbers. Attackers could exploit the vulnerability by using the WhatsApp calling function to call a targeted user's mobile phone and remotely install surveillance software on the device.

Affected Software

WhatsApp for Android prior to v2.19.134
WhatsApp Business for Android prior to v2.19.44
WhatsApp for iOS prior to v2.19.51
WhatsApp Business for iOS prior to v2.19.51
WhatsApp for Windows Phone prior to v2.18.348
WhatsApp for Tizen prior to v2.18.15

Recommendations

Users are advised to upgrade to the latest version of WhatsApp as soon as possible.

This can be done by updating the app through Google Play or the App Store.

Other News

Alerts

Remote Code Execution (RCE) vulnerability on WhatsApp

Other News

Vulnerability in the jQuery library

Remote Code Execution Vulnerability in Apache Tomcat

Vulnerabilities in WPA3

Million users impacted by new SimBad Android adware

VPNFilter malware infects half a million routers!

It's recommended to apply security patches in Adobe-Adobe Releases Security Updates

Blue Whale Game

Bad Rabbit Ransomware

Red Alert 2.0 -new malicious mobile program