A recently-discovered WhatsApp security vulnerability can make the app unusable, according to security researchers at Check Point.
The issue affects both Android and iOS versions of WhatsApp.
Using a debugging tool in the browser version of WhatsApp, malicious actors can manipulate the WhatsApp protocol and create a specially-crafted message.
The exploit is then performed by sending this message to a group chat. Once opened, the message causes the recipient’s app to crash.
Reopening the app will only result in another crash, while the chat history and data shared in the group is totally wiped out.
Fixing the issue
The only remedy for the crash is to uninstall, redownload and reinstall WhatsApp.
Even after the reinstall, communication on the group is no longer possible.
Additionally, the group will need to be deleted to prevent WhatsApp from crashing again.
Check Point identified the susceptibility in August 2019 and informed the WhatsApp’s developers of the issue, after which an update was rolled out to fix the bug.
For iOS, WhatsApp version 2.19.120 includes the fix, while Android version 2.19.246 and above is no longer affected.
Users are encouraged to update their app if they have an older version.
Check Point previously uncovered another vulnerability in the app which would allow the manipulation of messages in both private and group conversations.
This could allow actors to change the identity of a sender and modify the content of replies.