WhatsApp struggled with vcard vulnerability in Web Client




WhatsApp WhatsApp has a leak in Web poem that enabled an attacker to open a vCard with malware in the browser. The attacker would have had enough with the phone number of his targets.

WhatsApp Web users can open attachments sent by a third party via the mobile platform, including business cards of the vCard file type. An attacker appeared malicious code as to mask such vcard, allowing a receiver when opening malware carried on its system, warns security researcher Kasif Dekel Check Point. The only thing the attacker needed was the phone number of the WhatsApp account. WhatsApp Web validated files from the vcard-type.

WhatsApp has rolled out an update on August 27 to stop the leak, six days here by Check Point to be noted. Versions later than 0.1.4481 would not have the leak and Check Point recommends that customers who are still at an old version to update it. WhatsApp has 900 million worldwide users, but how many people use the web client is not known.


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »