WhatsApp on Monday said no user data was affected owing to a new vulnerability where a specially-crafted malicious MP4 file could be used to trigger remote code execution (RCE) and denial of service (DoS) cyber-attacks when downloaded by a user on both Android and iOS devices.
Reports on Sunday claimed that hackers can use the WhatsApp vulnerability to deploy the malware on the user’s device to steal sensitive files and snoop on them – the way an Israeli software Pegasus developed by cyber intelligence company NSO Group did by exploiting the video calling system in the Facebook-owned to snoop on 1,400 selected users globally and in India, including human rights activists and journalists.
“WhatsApp is constantly working to improve the security of our service. We make public, reports on potential issues we have fixed consistent with industry-best practices. In this instance, there is no reason to believe users were impacted,” a company spokesperson said in a statement shared with IANS.
The micro-blogging platform has already issued a security update on this bug.
Facebook had earlier issued an advisory, saying “a stack-based buffer overflow could be triggered in WhatsApp by sending a specially-crafted MP4 file to a WhatsApp user.”
“The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”
The vulnerability is classified with “critical” severity that affected an unknown code block of the component MP4 File Handler in WhatsApp.
The Pegasus-NSO Group issue snowballed into a political one, with the Indian government directing WhatsApp to submit a reply over the matter.
The government also denied either purchasing or planning to purchase the infamous software in question.
The new vulnerability is found in Android versions prior to 2.19.274; iOS versions prior to 2.19.100; Enterprise Client versions prior to 2.25.3; Business for Android versions prior to 2.19.104; Business for iOS versions prior to 2.19.100; and Windows Phone versions before and including 2.18.368.
The RCE vulnerability may allow hackers to perform the attack remotely without any sort of authentication.
WhatsApp Launches New ‘Together at Home’ Sticker Pack for Coronavirus Lockdown Chats
WhatsApp has introduced a new sticker pack called ‘Together at Home’. The instant messaging giant has partnered with World Health Organisation (WHO) to create these new stickers to reflect the feelings and emotions that people across the globe are going through at the moment. These new stickers will be available in the English, Hindi, and a host of other languages. WhatsApp introduced stickers two years ago, and since then it has become an important tool of expression on the social platform.
The new sticker pack is called ‘Together at Home’ and it aptly reflects all the moods during this period of staying indoors. It has a sticker that shows a man with a laptop wearing pyjamas depicting the new norm of ‘work from home’. WhatsApp promotes social distancing through stickers that depict an ‘air high five’ and ‘group video calling’. There are stickers inside the pack that show a man binge-watching a series on the bed, another man doing yoga with his dog, reminding people to wash hands, people catching up in balconies, and a female snooping on neighbours using binoculars. There are stickers that celebrate medical heroes as well as personal heroes during the COVID-19 crisis.
The “Together at Home” sticker pack is available within WhatsApp, and can be downloaded for free. It is currently available in English as well as text localised for 10 languages – Arabic, French, German, Hindi, Indonesian, Italian, Portuguese, Russian, Spanish and Turkish. With this new sticker pack, WhatsApp looks to offer more ways to stay connected during the pandemic.
The company has been working on improving the WhatsApp experience recently, especially as more as more people stay and work at home. The latest beta has doubled the group calling limit from four to eight on WhatsApp, and now that it has been enabled for both Android and iOS users, the stable rollout should follow soon.
Is iPhone SE the ultimate ‘affordable’ iPhone for India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.
Two Billion Users — Connecting the World Privately
We are excited to share that, as of today, WhatsApp supports more than 2 billion users around the world.
Mothers and fathers can reach their loved ones no matter where they are. Brothers and sisters can share moments that matter. Coworkers can collaborate, and businesses can grow by easily connecting with their customers.
Private conversations that once were only possible face-to-face can now take place across great distances through instant chats and video calling. There are so many significant and special moments that take place over WhatsApp and we are humbled and honored to reach this milestone.
We know that the more we connect, the more we have to protect. As we conduct more of our lives online, protecting our conversations is more important than ever.
That is why every private message sent using WhatsApp is secured with end-to-end encryption by default. Strong encryption acts like an unbreakable digital lock that keeps the information you send over WhatsApp secure, helping protect you from hackers and criminals. Messages are only kept on your phone, and no one in between can read your messages or listen to your calls, not even us. Your private conversations stay between you.
Strong encryption is a necessity in modern life. We will not compromise on security because that would make people less safe. For even more protection, we work with top security experts, employ industry leading technology to stop misuse as well as provide controls and ways to report issues — without sacrificing privacy.
WhatsApp started with the goal of creating a service that is simple, reliable and private for people to use. Today we remain as committed as when we started, to help connect the world privately and to protect the personal communication of 2 billion users all over the world.
The post Two Billion Users — Connecting the World Privately appeared first on About Facebook.
Facebook Owns Top Four of the Most Downloaded Apps of the Decade
Despite courting controversies for couple of years like data privacy scandals and anti-market practices, Facebook and its family of apps have dominated as most downloaded apps of the decade — with main app Facebook, Messenger, WhatsApp, and Instagram grabbing the top four spots in the top 10 apps of the decade list. According to data analytics platform App Annie, Facebook has dominated the mobile space representing the four most downloaded apps of the decade (the 2010-2019 period).
“Communication and social media apps are consumer favourites, accounting for 7 of the top 10 apps by downloads this decade,” said App Annie.
Other most downloaded apps of this decade were Snapchat (fifth), Skype (sixth), TikTok (seventh), UC Browser (eighth), YouTube (ninth) and Twitter (10th) on the list.
In terms of top 10 apps by all-time consumer spend, video streaming platform Netflix topped the chart, followed by Tinder and Pandora Music.
“Tinder was the most successful dating app of the decade in terms of consumer spend, coming in second place in the overall ranking behind Netflix,” said the report.
Others in the top 10 apps in the consumer spend list were Spotify and HBO Now, among others.
Subway Surfers was the most downloaded app game of the decade, driven by its strong adoption in India which accounted for over 15 percent of its all-time downloads (iOS & Google Play combined).
Games like Clash of Clans, Monster Strike, Candy Crush Saga were the top 3 apps by all-time consumer spend.
“Clash of Clans and Candy Crush Saga stand out as the only two apps to appear on both the top apps by downloads and consumer spend lists. Monster Strike, Puzzle & Dragons and Fate/Grand Order rounded out the top 5 apps by consumer spend for the decade,” said App Annie.
With a 5 percent increase in downloads, and 15 percent growth in consumer spend (excluding third-party Android) year-over-year in 2019, this trend is set to continue in 2020.