security

WhatsApp reports six previously undisclosed vulnerabilities on new security advisory page – Firstpost


WhatsApp has revealed six new vulnerabilities that have been fixed, on its newly created security advisory webpage that will serve as a single destination to highlight all the security issues spotted and fixed on WhatsApp and associated Common Vulnerabilities and Exposures (CVE).

According to a report by TechCrunch, WhatsApp has said that five of the six vulnerabilities were fixed on the same day, while it took a couple of days to fix the remaining bugs. The company has said that they have not found any evidence of any hacker exploiting the vulnerabilities.

The report added that while one-third of the vulnerabilities were reported through the company’s Bug Bounty Program, the others were discovered during routine code reviews and by using automated systems.

According to the security website, of the six new vulnerabilities fixed by WhatsApp, four existed in WhatsApp for Android, of which two were a part of the iPhone platform. The remaining two were specifically related to WhatsApp Desktop versions before v0.3.4932.

According to Whatsapp, while they cannot list security advisories within app release notes due to policies and practices of the app store, the advisory page provides a comprehensive list of WhatsApp security updates and associated Common Vulnerabilities and Exposures (CVE).

WhatsApp said that the details included in CVE descriptions are meant to help researchers understand technical scenarios and does not mean that users were impacted in this manner.





READ SOURCE

Read More   Big Blue shoos Db2 blues before rogue staff turn the screws in hijack ruse (translation: patch your IBM databases) - The Register

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.