Facebook Inc's WhatsApp messenger service said on Wednesday it has fixed the latest bug on its platform that allowed hackers to take over users' applications when they answered an incoming video call. The researcher has explained the vulnerability as a "memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation".
Natalie in a bug report notes that the "heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet". In practice, the malformed packet that triggers the crash could be sent via a simple call request.
Only WhatsApp's Android and iOS clients are affected, as they're the only ones who use the Real-time Transport Protocol (RTP) for video conferencing. "Just answering a call from an attacker could completely compromise WhatsApp".
According to the Register, WhatsApp users on mobile can protect themselves from the flaw by updating to the app's latest version, in which the bug has been patched.
Reports of WhatsApp bug have come from one more place.
"We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable". This vulnerability was first reported in 2017 by an Israeli web developer. It does, however, suggest that users will want to be extra-vigilant, both in locking down their account info and refusing to accept calls from strangers.
WhatsApp's "Status " feature allows users to share text, photos, videos and animated GIFs that disappear after 24 hours. The hacker can access the user's voicemail account and get access to that verification code which can be used to hack the app.