WhatsApp user? Here is a zero day warning for you

tech.hindustantimes.com:

WhatsApp is the most used messaging platform across the globe. While it is known for rolling out many new features from time to time to enhance the user experience, the app is in the news now for a severe security bugs and vulnerabilities. The app has reported a vulnerability that might lead hackers to exploit users' data. In addition, CERT-In, the Indian cybersecurity nodal agency has also issued a high-security alert that warns users about the vulnerability that could lead to users losing data. As per the information shared by WhatsApp and CERT-In, this bug affects the Android and iOS versions of the app prior to v2.22.16.12.

Dubbed as CVE-2022-36934: Integer Overflow Bug and CVE-2022-27492: Integer Underflow Bug can help attackers to remotely execute arbitrary code on both Android and iOS devices. The malicious actor can control a user's device by sending a specially-crafted video file, which will let them execute arbitrary code. They can remotely execute commands on someone else's computing device. Usually, remote code executions (RCEs) take place due to malicious malware downloaded by the host. It can happen irrespective of the device's geographic location. These two vulnerabilities were detected by the internal security team of WhatsApp and were marked as “Critical” and received a score of 10/10.

As reported by Cybersecurity News, a threat actor could perform the below mentioned illicit activities by exploiting these vulnerabilities

1. Launch malware

2. Steal sensitive data

3. Watch over the user's activities

4. Hack the entire device

WhatsApp is not new to these vulnerabilities and it rolls out patches with the latest versions of the app. You just have to update to the latest version of the app to make sure there is no