WhatsApp: This Thursday (2), the digital security research firm Check Point Research (CPR) revealed details about a vulnerability in the use of images with filters in WhatsApp. The vulnerability could crash the program and even reveal sensitive memory information.
The error was reported to the messaging service in November 2020 and resolved in version 220.127.116.11 of the application, available since February this year. According to CPR, no users were impacted by the problem.
And how did it happen?
According to the company, the vulnerability occurred when a WhatsApp user received a malicious image. By applying a filter and uploading the modified file, the app could crash and open security holes.
Described as a theoretical problem that requires “complex steps and extensive interactions between users”, the error was identified during the firm’s research into the use of images in the app. The academics used their own program to create defective photos, modifying files through a process called “mutation”.
Researchers identified that certain images could not be sent by the app. So, through the use of filters, which modify original pixels to achieve varied effects, such as blurs and glare, an attempt was made to make the files usable. Thus, it was found that changing filters in changed GIFs causes a crash in the app.