Google just opened up on information about a seemingly exploitable bug in WhatsApp that could have allowed a vindictive caller to take over your device.
Natalie Silvanovich ,a security researcher from Google’s Project Zero security research team discovered and reported the flaw to WhatsApp back in August.
Silvanovich, and a Tamagotchi hacker first spotted the WhatsApp vulnerability. In a bug report, Silvanovich says, “Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet.” The malformed packet that triggers the crash could be sent through a call request. She adds, “This issue can occur when a WhatsApp user accepts a call from a malicious peer.”
WhatsApp, along with many other online calling apps, uses RTP, short for Real Time Protocol, for transmitting voice and video.
RTP was designed to be efficient – for example, it uses UDP instead of TCP, so that data arrives faster but less reliably. (UDP packets aren’t checked to see if they made it to the other end, and can arrive in a mixed-up order; TCP packets are verified and delivered in the order they were sent, which means more network overhead.)
The WhatsApp for Web client was unaffected since it uses WebRTC for video conferencing. The researcher has also published proof-of-concept code and instructions on how to reproduce such an attack.
WhatsApp sent a comment on the bug and its fix, “WhatsApp cares deeply about the security of our users. We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable. We promptly issued a fix to the latest version of WhatsApp to resolve this issue.”
Notably, the bug was fixed on September 28 in the WhatsApp Android client and on October 3 in the iPhone client. Since the WhatsApp bug has been patched, the company recommended users should update to the latest version of the app on Android and iOS.
