WhatsApp “ Zero-Day Exploit ” News Scare - What You Need to Know

Content source
https://nakedsecurity.sophos.com/2022/09/27/whatsapp-zero-day-exploit-news-scare-what-you-need-to-know/
upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,610
For the last day or two, our news feed has been buzzing with warnings about WhatsApp.

We saw many reports linking to two tweets that claimed the existence of two zero-day security holes in WhatsApp, giving their bug IDs as CVE-2022-36934 and CVE-2022-27492. One article, apparently based on those tweets, breathlessly insisted not only that these were zero-day bugs, but also that they’d been discovered internally and fixed by the WhatsApp team itself.
Click to expand...
So, what’s the truth? Is WhatsApp currently under active attack by cyercriminals? Is this a clear and current danger? How worried should WhatsApp users be?
Click to expand...
The good news here is that the bugs listed here were apparently patched close to a month ago, even though the latest reports we’ve seen imply that these flaws represent a clear and current danger to WhatsApp users.

As the WhatsApp advisory page points out, these two so-called “zero-day” holes are patched in all flavours of the app, for both Android and iOS, with version numbers 2.22.16.12 or later. According to Apple’s App Store, the current version of WhatsApp for iOS (both Messenger and Business flavours) is already 2.22.19.78, with at five intervening updates released since the first fix that patched the abovementioned bugs, which already dates back a month. On Google Play, WhatsApp is already up to 2.22.19.76 (version don’t always align exactly between different operating systems, but are often close). In other words, if you have set your device to autoupdate, then you ought to have been patched against these WhatsApp threats for about a month already.

To check the apps you have installed, when they last updated, and their version details, open the App Store app on iOS, or Play Store on Android. Tap on your account icon to access the list of apps your installed on your device, including details of when they last updated and the current version number you’ve got.
Click to expand...
nakedsecurity.sophos.com

WhatsApp “zero-day exploit” news scare – what you need to know

Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be?
nakedsecurity.sophos.com nakedsecurity.sophos.com
 
  • +Reputation
  • Like
Reactions: Venustus, BryanB, Jan Willy and 3 others
You must log in or register to reply here.

Similar threads

upnorth
    • Like
    • +Reputation
Apple slips out Zero-day Update for older iPhones and iPads
Replies
0
Views
442
News Archive
upnorth
upnorth
silversurfer
    • Like
WhatsApp will soon let you edit your texts
Replies
0
Views
326
Social Media, Messaging & Entertainment
silversurfer
silversurfer
silversurfer
    • Like
WhatsApp now lets you transfer your chat history from Android to iPhone
Replies
1
Views
413
Social Media, Messaging & Entertainment
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top