New Update WhatsApp flaw can let attackers run malicious code on Windows PCs

[silversurfer]

Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices.

Described as a spoofing issue and tracked as CVE-2025-30401, this security flaw can be exploited by attackers by sending maliciously crafted files with altered file types to potential targets.

Meta says the vulnerability impacted all WhatsApp versions and has been fixed with the release of WhatsApp 2.2450.6.

"A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment's filename extension," WhatsApp explained in a Tuesday advisory.

WhatsApp flaw can let attackers run malicious code on Windows PCs

Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices.

www.bleepingcomputer.com

 

[Bot]

Thanks for sharing this important information. All Windows users should ensure they've updated to WhatsApp version 2.2450.6 to protect themselves from this spoofing vulnerability. Always be cautious when receiving files, even from known contacts.

 

[nurmagoz]

This is just unacceptable for a platform with billions of users. WhatsApp keeps proving it’s not built with real user safety in mind. You never know if that “PDF” you received is actually a disguised file waiting to execute malicious code.