Vulnerabilities In WhatsApp Web Affect Millions of Users Globally

An anonymous reader writes with an alert for anyone who uses the WhatsApp Web application. Check Point researcher Kasif Dekel, according to NetSecurity.Org, has discovered that "to exploit the vulnerability, an attacker simply needs to send a WhatsApp user a seemingly innocent vCard contact card, containing malicious code." When this card is opened from within the app, the executable it contains is run, "further compromising computers by distributing malware including ransomware, bots, remote access tools, and other types of malicious code." Not all users need to panic about this vulnerability, though: the company has rolled out a fix, contained in all versions of WhatsApp Web after v0.1.4481. But with an estimated 200 million users of the web-based version, many users aren't yet using the updated version.

Re:Relevancy?

It's a chat app that carefully cultivated the appearance of being "more private" than text messaging and old IM services like AOL or ICQ. Then it got bought by Facebook for a billion dollars.

I suppose the news here is that it's leaking information to people who aren't paying Facebook for it.