Get Fully Briefed with Yahoo Finance, delivered straight to your inbox.
WhatsApp has published details of a "critical"-rated security vulnerability affecting its Android app that could allow attackers to remotely plant malware on a victim’s smartphone during a video call.
Details of the flaw, tracked as CVE-2022-36934 with an assigned severity rating of 9.8 out of 10, is described by WhatsApp as an integer overflow bug. This happens when an app tries to perform a computational process but has no space in its allotted memory, causing the data to spill out and overwrite other parts of the system's memory with potentially malicious code.
WhatsApp didn’t share any further details about the bug. But security research firm Malwarebytes said in its own technical analysis that the bug is found in a WhatsApp app component called "Video Call Handler," which if triggered would allow an attacker to take complete control of a victim's app.
WhatsApp spokesperson Joshua Breckman told TechCrunch that the bugs were discovered in-house and that the company has seen "no evidence of exploitation."
The critical-rated memory vulnerability is similar to a 2019 bug, which WhatsApp ultimately blamed on Israeli spyware maker NSO Group in 2019 to target 1,400 victims' phones, including journalists, human rights defenders and other civilians. The attack leveraged a bug in WhatsApp's audio calling feature that allowed the caller to plant spyware on a victim's device, regardless of whether the call was answered.
WhatsApp also disclosed this week details of another vulnerability, CVE-2022-27492, rated "high" in severity at 7.8 out of 10, which could allow hackers to run malicious code on a victim's iOS device after sending a malicious video file.
“The manipulation with an unknown input leads to a memory corruption vulnerability,” said Pieter Arntz, an intelligence researcher at Malwarebytes. “To exploit this vulnerability, attackers would have to drop a crafted video file on the user’s WhatsApp messenger and convince the user to play it.”
Both flaws are patched in the latest versions of WhatsApp. Update today.
Facebook users sue Meta, accusing the company of tracking on iOS through a loophole
The local share market has surrendered its early gains and drifted lower this morning as soaring bond yields continue to press on equities.At noon on Wednesday, the benchmark S&P;/ASX200 index was down 25 points to 6468.
What would have been Australia's biggest business deal of the year is officially dead, after being on shaky ground for awhile.A consortium led by US private equity group Kohlberg Kravis Roberts had offered $20 billion for Ramsay Health Care, Australia's largest private hospital chain.
Hackers are threatening to release the private details of 10,000 customers a day until they are paid a $1.5 million ransom. See the latest developments.
Millions of Aussies have cancelled or downgraded their health insurance policies as premiums rise. Find out how you can save.
An Aussie worker has taken to TikTok to share how much money she made in a week doing this job which people have called ‘easy’. Find out more.
While some people view renting as paying off someone else's mortgage, in these suburbs you’d actually be better off not to own. Check out these 30 suburbs.
It’s a volatile time in the markets and the cost of living is weighing heavily on Aussie households. So you may be surprised to know where these Aussies are investing their hard earned money.
Wall Street has slid deeper into a bear market, with the S&P; 500 and Dow closing lower as investors fretted that the Federal Reserve's aggressive campaign against inflation could throw the US economy into a sharp downturn.After two weeks of mostly steady losses on the US stock market, the Dow Jones Industrial Average confirmed it has been in a bear market since early January.
In a surprise announcement national carrier Qantas has been ranked as the fifth best airline in the world in this year’s Skytrax World Airline Awards.
Aussies investors are trusting the advice of financial influencers, despite recent crackdowns on the industry.
The local market is expected to lift slightly, and fuel prices set to hike as the fuel excise is lifted today. This is your Tuesday morning wrap.
As we head into peak wedding season the question of wedding gifts, or more accurately wedding cash gifts comes up. Is it okay for couples to request money instead of gifts and if yes, just how much is expected?
The local market is expected to lift slightly this morning despite another negative session in the US overnight. This is your Tuesday morning wrap.
Wall Street has sunk deeper into a bear market, with the S&P; 500 recording its lowest close in two years as Federal Reserve policy makers showed an appetite for more interest rate hikes, even at the risk of throwing the US economy into a downturn.The benchmark S&P; 500 is down about 24 per cent from its record high close on January 3.
The temporary fuel excise cut ends at midnight tonight. Petrol prices are set to soar by 25 cents per litre. But there’s one simple way to save.
If your details have been compromised, you may be able to replace your driver’s licence for free. See what applies in your state or territory.