A new GIF vulnerability could leave your WhatsApp messages exposed

Reading time icon 1 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

WhatsApp has patched a new vulnerability that could potentially lead to WhatsApp messages getting exposed. The vulnerability was related to GIF being sent to the victim by the hacker.

According to Pham Hong Nhat who discovered the vulnerability, just receiving a GIF from someone could trigger the bug as WhatsApp automatically tries to open GIF once they are received. Once the GIF was opened, the hacker could easily gain access to the phone’s storage and even access WhatsApp chats. Pham claims that he reported the vulnerability to Facebook back in late July and the company rolled out the fix in September. Pham noted that the vulnerability works on WhatsApp v2.19.230 and below. The vulnerability was officially patched by Facebook in v2.19.244. The exploit affects Android 8.1 and above. Ironically, older versions of Android had an outdated code which prevented the payload from execution.

Facebook has assigned CVE-2019-11932 to the vulnerability and it is marked as fixed. However, if you haven’t updated WhatsApp in a while then it might be a good idea to do so.

More about the topics: security vulnerability, whatsapp

Leave a Reply

Your email address will not be published. Required fields are marked *