State-owned cyber security agency Indian Computer Emergency Response Team (CERT-In) has warned WhatsApp users to update their messenger app as soon as possible.
It has come to light that WhatsApp has a couple of security vulnerabilities--CVE-2022-36934 and CVE-2022-27492-- that could allow hackers to use video calling or even send corrupt video files to infiltrate a targeted user's phone with malware. Once inside, bad actors can remotely execute an illegal operation or take control of the targeted phone.
CERT-In has marked the vulnerabilities as severe and users are advised to update their WhatsApp to the latest update versions. Even WhatsApp Business accounts should also upgrade to the latest update.
WhatsApp has mentioned the same on its security advisories bulletin. Messenger app users can manually update to the latest WhatsApp version by going to Apple App Store (for iOS)/ Google Play (for Android) >> type WhatsApp Messenger >> tap update
If the app has already been updated to the latest version, you need not have to worry much.
[Note: If you have allowed the app to automatically update via Wi-Fi, the app will do itself whenever the phone connects to a Wi-Fi router]
There is no official word on whether the vulnerabilities on WhatsApp were actively exploited or not.
It should be noted that in late 2019, there was a huge scandal over vulnerabilities in WhatsApp that allow state-sponsored espionage on human rights activists and journalists around the world including India.
Some state security agencies had used the Pegasus spyware from Israel-based NSO Group. Meta-owned company has even filed a lawsuit the latter for illegal tracking of users with WhatsApp messenger app.
Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.