Update WhatsApp now to protect yourself against a serious security risk

(Image credit: Shutterstock)

If you haven't updated WhatsApp on your phone recently, you should do so right now. Facebook has released a new version of the app that patches a security hole that could be exploited to gain remote access to messages and files.

By using a specially crafted MP4 video files, hackers could have accessed files and messages on iOS, Android and Windows Phone versions of WhatsApp. The problem was found in the regular version of WhatsApp, WhatsApp for Business and in the Enterprise client version – affecting a potentially colossal number of users.

But now Facebook has issued a patched version of the popular chat app which addresses the CVE-2019-11931 buffer overflow vulnerability. In a security advisory about the flaw, Facebook explains:

"A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE."

As The Next Web explains, there have been no reported incidents of the vulnerability being exploited in the wild, but that doesn't make it any less serious.

Get patched

So how do you know if you're affected? Facebook explains that the following versions of the WhatsApp app are vulnerable:

  • Android versions prior to 2.19.274
  • iOS versions prior to 2.19.100
  • Enterprise Client versions prior to 2.25.3
  • Windows Phone versions before and including 2.18.368
  • Business for Android versions prior to 2.19.104
  • Business for iOS versions prior to 2.19.100

If you have a newer build of WhatsApp installed, you're safe – just run a check to see if there are any updates available for your handset. The issue highlights the importance of keeping apps up to date to avoid potential security problems.

Sofia Elizabella Wyciślik-Wilson
Freelance writer

Sofia is a tech journalist who's been writing about software, hardware and the web for nearly 20 years – but still looks as youthful as ever! After years writing for magazines, her life moved online and remains fueled by technology, music and nature.

Having written for websites and magazines since 2000, producing a wide range of reviews, guides, tutorials, brochures, newsletters and more, she continues to write for diverse audiences, from computing newbies to advanced users and business clients. Always willing to try something new, she loves sharing new discoveries with others.

Sofia lives and breathes Windows, Android, iOS, macOS and just about anything with a power button, but her particular areas of interest include security, tweaking and privacy. Her other loves include walking, music, her two Malamutes and, of course, her wife and daughter.

You can find her on Twitter and Mastodon.