Most of us love to make use of Whatsapp. Of course, that is one place most of us go as soon as we wake up in the morning. The app is very effective for keeping tabs with friends and acquaintances, yet these days, people who make use of it should be concerned about some compromise on their mobile devices. This information is especially for you if you make use of Android phones. iOS users may not be concerned, although the threat could spread there too.
There is something called Remote Code Execution flaw. A developer has intimated the RCE could be used to compromise Whatsapp and even the mobile Android device the app is on. Not much is yet known about it but anyone could be at risk of falling into the problem. Especially so is anyone who makes use of Android 8.1 and 9.0 smartphones. Version 8.0 and Apple’s iOS doesn’t seem to be affected by the threat.
The developer who announced the presence of the threat to Facebook described it as ‘double-free memory vulnerability in Whatsapp image preview library called libpl_droidsonroids_gif.so. How it may execute is really also not known. But an attack may first be in form a received GIF image. It may not matter how the receiver may get it, the seed was sown from Whatsapp.
Apparently, many of us receive images through emails, other messaging apps like skype, or through Whatsapp itself. This means that the danger is not only confined to everything Whatsapp. The execution may start from an image sent over email.
Another thing to note is that if the attacker is using Whatsapp directly and he or she is on your Whatsapp list of friends, the recipient will get the malicious image downloaded directly to your device. It will be an automatic download.
Where the threat will have a means of escalating is when the user opens the WhatsApp gallery. That is the place where a user can preview WhatsApp images and it could trigger the exploit once the folder is opened. So, it doesn’t matter if the user does anything on that page, although Facebook says if the user doesn’t send the image file there is no harm done.
As soon as the user opens the image preview folder in WhatsApp, it gives the attacker a ‘full reverse shell with root’ complete access to all the files on the smartphone. Everything inside the primary phone storage is open to the exploit and so is the content on the microSD card. The bad deed is done.
Now, a few weeks ago, it there was claim that the threat is no longer existing as the Facebook Technical team has fixed the problem. Can we say that we are now totally free?
Facebook assured users that it already makes sure that all WhatsApp users have the latest security features on the app. Is it time to worry? Yes. For one thing, not all WhatsApp users have the latest app on their smartphone for now because the latest patch has just been updated in September 2019. Another way to quickly get a security update through the Play Store is to make the update happen automatically. This certainly has not been done by all Android users.
No one can really get 100 percent security from making use of his mobile phone. The best anyone can do is make sure that their phone is updated regularly and that all the apps get latest patches as soon as possible.