July 31, 2021
WhatsApp fixes MP4 bug hack

WhatsApp Fixes a Bug that could be Used by Hackers to Exploit Users’ Devices via MP4 Files

Facebook cross-platform messaging service WhatsApp has fixed a bug that would have allowed hackers to exploit devices through MP4s…

WhatsApp has fixed a notable vulnerability involving malicious MP4 video files that could potentially give attackers the ability to remotely access messages and files stored within the app.

WhatsApp Fixes Security Bug that would Allow Hackers to Exploit User Devices using MP4 Files

The security flaw, identified as CVE-2019-11931 potentially opened the door for attackers to send custom-crafted MP4 file to remotely execute malicious code on victims’ devices without any intervention.

The vulnerability affected Android versions prior to 2.19.274, along with iOS versions released prior to 2.19.100. It likewise affected Enterprise Client versions before 2.25.3 and Windows Phones up to and including 2.18.368. 

Facebook writes in an advisory post

“A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS [denial of service] or RCE [remote code execution].”

Owen E. Richason IV

Covers social media, apps, search and like news. History buff, movie and theme park lover. Blessed dad and husband. Owen is also a musician and is the founder of Groove Modes.          

View all posts by Owen E. Richason IV →