Security News > 2022 > September > WhatsApp “zero-day exploit” news scare – what you need to know
For the last day or two, our news feed has been buzzing with warnings about WhatsApp.
Even access to a single "Sandboxed" app and its data can be all that an attacker wants or needs, especially if that app is the one you use for communicating securely with your colleagues, friends and family, like WhatsApp.
Any known vulnerability in WhatsApp that might be exploitable for snooping purposes is well worth patching as soon as possible, even if no one ever figures out a working exploit for stealing data or implanting malware.
The good news here is that the bugs listed here were apparently patched close to a month ago, even though the latest reports we've seen imply that these flaws represent a clear and current danger to WhatsApp users.
As the WhatsApp advisory page points out, these two so-called "Zero-day" holes are patched in all flavours of the app, for both Android and iOS, with version numbers 2.22.16.12 or later.
According to Apple's App Store, the current version of WhatsApp for iOS is already 2.22.19.78, with at five intervening updates released since the first fix that patched the abovementioned bugs, which already dates back a month.
News URL
Related news
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit (source)
- NSO Group used another WhatsApp zero-day after being sued, court docs say (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)