India’s cybersecurity agency CERT-In (Computer Emergency Response Team) had issued a high security alert for WhatsApp users, specifically those who use it on a computer. They warn that, “A vulnerability has been reported in WhatsApp Desktop for Windows, which could allow an attacker to execute arbitrary code or perform spooking attacks on the targeted system”. This flaw is mainly observed in Windows versions prior to 2.2450.6 and could be exploited through specially coded malicious files.
Are you at risk of a data breach?
CERT-In warns that the issue affects those users who use WhatsApp on their desktops. They stated that there is a high-risk of hackers stealing your personal files and data. Accessing your system and taking over the control without your discretion is also a possibility. Users with the latest version are more safe than others and must always open files from trusted contacts only.
How to stay safe?
- Users must update their desktop WhatsApp to the latest version of the app. (2.2450.6 or above)
- Avoid suspicious looking numbers, especially those who have sent you an attachment on WhatsApp Desktop as it may be unwanted malware.
- Regularly update your Operating System and anti-virus software for an added layer of protection.
- Even if you do receive a link from an unknown number, avoid clicking on it and block the contact.
- Download applications only from trusted sources like Microsoft Store or Play Store.
What has caused the scare?
As per the cybersecurity agency, the vulnerability exists due to a misconfiguration between MIME type and file extension in WhatsApp allows attackers to send malicious attachments that, when opened, could execute harmful code or enable spoofing on the victim’s system.
