WhatsApp Addresses A Security Vulnerability In The Image Filter Function
WhatsApp has patched a vulnerability that could allow an attacker to read sensitive data from the app's memory, including private messages, with the use of a specially crafted image. Check Point Research, a cybersecurity firm, reported the vulnerability to WhatsApp. It existed in the image filter feature of WhatsApp for Android and WhatsApp Business for Android, which allows users to add filters to their images. The Facebook-owned company patched the vulnerability after it was discovered by Check Point researchers and asserted that there was no evidence that the vulnerability had ever been exploited.
The vulnerability, dubbed "Out-Of-Bounds read-write vulnerability," was disclosed to WhatsApp on November 10, 2020 by Check Point Research. WhatsApp took some time to address the issue and finally released a patch in February. It was distributed to end users via the WhatsApp for Android and WhatsApp Business for Android apps, both of which were updated to version 2.21.1.13.
Check Point Research discovered the vulnerability, which is technically a memory corruption issue, while examining how WhatsApp processes and sends images. During the research, it was discovered that the messaging app's image filter function crashes when used with some specially designed GIF files. Investigating those crashes led the researchers to the flaw.
Exploitation
According to Check Point Research, the vulnerability could be exploited if a user opens an attachment containing a maliciously crafted image file, attempts to apply a filter, and then sends the image back to the attacker with the filter applied. Thus, the researchers noted that exploiting the vulnerability would have required "complex steps and extensive user interaction" on the part of hackers.
However, if exploited successfully, the vulnerability is said to allow hackers to read sensitive data from WhatsApp's memory, including private messages and previously shared images and videos.
“Once we discovered the security flaw, we immediately notified WhatsApp, which was extremely cooperative and collaborative in issuing a fix. Our collective efforts have resulted in a safer WhatsApp for users worldwide,” Oded Vanunu, Check Point's Head of Products Vulnerabilities Research, said in a prepared statement.
WhatsApp lists the vulnerability as CVE-2020-1910 on its security advisories page. To further restrict memory access, the platform added two new checks on the source and filter images.
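As an added illustration (not WhatsApp's code and not taken from the Check Point report), the C sketch below shows the general kind of validation such a fix implies: before a filter routine touches pixel memory, both the source image and the filter image must prove that their claimed geometry fits the buffer actually allocated. The bitmap_t layout, the 4-bytes-per-pixel requirement and the blend operation are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bitmap descriptor; the layout is an assumption for this example. */
typedef struct {
    uint32_t width, height; /* in pixels, as claimed by the image header */
    uint32_t stride;        /* bytes per row, as claimed by the header */
    uint32_t bpp;           /* bytes per pixel, as claimed by the header */
    size_t len;             /* bytes actually allocated behind data */
    uint8_t *data;
} bitmap_t;

/* One check per image: the claimed geometry must fit inside the real buffer. */
static int bitmap_ok(const bitmap_t *b) {
    if (!b || !b->data || b->bpp != 4 || !b->width || !b->height) return 0;
    if ((uint64_t)b->width * 4 > b->stride) return 0;        /* row fits in stride */
    if ((uint64_t)b->stride * b->height > b->len) return 0;  /* rows fit in buffer */
    return 1;
}

/* Blend the filter into the source in place; returns 0 on success, -1 on rejection. */
int apply_filter(bitmap_t *src, const bitmap_t *flt) {
    if (!bitmap_ok(src) || !bitmap_ok(flt)) return -1;   /* source and filter checks */
    if (src->width != flt->width || src->height != flt->height) return -1;
    for (uint32_t y = 0; y < src->height; y++) {
        uint8_t *s = src->data + (size_t)y * src->stride;
        const uint8_t *f = flt->data + (size_t)y * flt->stride;
        for (size_t i = 0; i < (size_t)src->width * 4; i++)
            s[i] = (uint8_t)((s[i] + f[i]) / 2);          /* simple 50% blend */
    }
    return 0;
}

int main(void) {
    /* Constructed inputs: a 2x2 RGBA source and two candidate filter images. */
    uint8_t src_px[16] = {0}, good_px[16], short_px[4] = {9, 9, 9, 9};
    for (int i = 0; i < 16; i++) good_px[i] = 200;
    bitmap_t src = {2, 2, 8, 4, sizeof src_px, src_px};
    bitmap_t good = {2, 2, 8, 4, sizeof good_px, good_px};
    bitmap_t lying = {2, 2, 8, 4, sizeof short_px, short_px}; /* header overstates size */
    printf("good filter:  %d\n", apply_filter(&src, &good));
    printf("lying filter: %d\n", apply_filter(&src, &lying));
    return 0;
}
```

Without the per-image check, the loop would trust the header of the undersized filter image and walk past the end of its 4-byte buffer, which is the class of out-of-bounds access the article describes.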
“People should have no doubt that end-to-end encryption is still working as intended and that their messages are safe and secure,” WhatsApp said in a statement provided to Check Point Research. “This report entails a number of steps that a user would have been required to take, and we have no reason to believe that users were impacted by this bug. Having said that, even the most complex scenarios identified by researchers can help increase user security.”
WhatsApp also advised users to keep their apps and operating systems up to date, to download updates as soon as they become available, to report suspicious messages, and to contact the WhatsApp team directly if they encounter any issues while using the app.