[ALERT] ADVISORY ON WHATSAPP VULNERABILITY

Submitted by IRTeam on Wed, 05/15/2019 - 13:31

A vulnerability is discovered in WhatsApp messaging app that exploit and inject spyware onto Android and IOS phones. By just simply calling the target,The spyware (known as NSO Pegasus), can be installed without trace and without the target answering the call.

Once installed, the spyware can turn on a phone’s camera and mic, scan emails and messages, and collect the user’s location data.

WhatsApp is urging its 1.5 billion global users to update the app immediately to close the security hole.

Affected Software

WhatsApp for Android prior to v2.19.134
WhatsApp Business for Android prior to v2.19.44 
WhatsApp for iOS prior to v2.19.51 
WhatsApp Business for iOS prior to v2.19.51 
WhatsApp for Windows Phone prior to v2.18.348 
WhatsApp for Tizen prior to v2.18.15

Recommendations

Users are advised to upgrade to the latest version of WhatsApp as soon as possible.

This can be done by updating the app through Google Play or the App Store.
https://www.whatsapp.com/android/
https://www.whatsapp.com/appstore/