Connect with us

WHATSAPP

WhatsApp Says User Data Not Affected by New MP4 File Security Vulnerability

Published

on

WhatsApp on Monday said no user data was affected owing to a new vulnerability where a specially-crafted malicious MP4 file could be used to trigger remote code execution (RCE) and denial of service (DoS) cyber-attacks when downloaded by a user on both Android and iOS devices.

Reports on Sunday claimed that hackers can use the WhatsApp vulnerability to deploy the malware on the user’s device to steal sensitive files and snoop on them – the way an Israeli software Pegasus developed by cyber intelligence company NSO Group did by exploiting the video calling system in the Facebook-owned to snoop on 1,400 selected users globally and in India, including human rights activists and journalists.

“WhatsApp is constantly working to improve the security of our service. We make public, reports on potential issues we have fixed consistent with industry-best practices. In this instance, there is no reason to believe users were impacted,” a company spokesperson said in a statement shared with IANS.

The micro-blogging platform has already issued a security update on this bug.

Facebook had earlier issued an advisory, saying “a stack-based buffer overflow could be triggered in WhatsApp by sending a specially-crafted MP4 file to a WhatsApp user.”

“The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”

The vulnerability is classified with “critical” severity that affected an unknown code block of the component MP4 File Handler in WhatsApp.

The Pegasus-NSO Group issue snowballed into a political one, with the Indian government directing WhatsApp to submit a reply over the matter.

The government also denied either purchasing or planning to purchase the infamous software in question.

The new vulnerability is found in Android versions prior to 2.19.274; iOS versions prior to 2.19.100; Enterprise Client versions prior to 2.25.3; Business for Android versions prior to 2.19.104; Business for iOS versions prior to 2.19.100; and Windows Phone versions before and including 2.18.368.

The RCE vulnerability may allow hackers to perform the attack remotely without any sort of authentication.

NDTV Gadgets360.com

WHATSAPP

WhatsApp Gets Call Waiting Feature on Android, but Without Call Holding: Here Are the Details

Published

on

WhatsApp has begun the rollout of an update for its Android app that brings a highly useful feature – call waiting. As the name clearly suggests, this features alerts users when they receive a WhatsApp call when they are already in the middle of another WhatsApp call with someone else. Rather than automatically disconnecting the second incoming WhatsApp call, users will now get an alert and can choose to either decline it, or disconnect the ongoing WhatsApp call to accept the other one. However, it must be noted that this is not the same as putting a call on hold, since two users can’t be on the same line simultaneously. The feature is now available for both Android, after being made available for the iPhone app late last month.

The latest WhatsApp update for both the beta as well as stable Android channels brings the call waiting feature. It is now available via the Google Play Store. The changelog also mentions the arrival of enhanced group privacy settings and the fingerprint unlock support for the app. We can confirm that the call waiting feature on WhatsApp is now available in version 2.19.352 of the stable Android app, as well as version 2.19.357 and version 2.19.358 of the beta app.

In case you haven’t received the update yet, you can download the stable build from APKMirror here. To recall, in late November, WhatsApp v2.19.120 for iOS brought the call waiting feature alongside a redesigned Chat screen, as well as the ability to quickly send your messages directly from the Braille keyboard when using VoiceOver mode.

How WhatsApp call waiting works?

Prior to the update, when Android users received a WhatsApp call in midst of another WhatsApp call, the incoming call was automatically disconnected and they would see a missed call notification when the existing conversation ended. But following the update, users can choose to pick up the incoming call while talking with another person.

The incoming call UI in WhatsApp now shows a green ‘End & Accept’ button alongside the ‘Decline’ button. If you press the red ‘Decline’ button, the incoming call will be cancelled and you can carry on with your ongoing call. However, if you tap on the ‘End & Accept’ button, the ongoing call will be disconnected so that you can talk to the other person.

Unlike call holding on a regular call over a cellular network, WhatsApp won’t allow you to put the second incoming call on hold and link with two people on the line simultaneously. You either choose to continue with the ongoing WhatsApp call, or disconnect it in order to accept the second incoming call.

In addition to call waiting, the new WhatsApp update also marks the wider rollout of the updated group privacy feature that allows users to decide who can add them to a WhatsApp call. You can check this out by following this path: Account > Privacy > Groups in the settings menu. The changelog of the new stable and beta WhatsApp updates also mentions the arrival of fingerprint lock feature for the app that was announced back in October. You can enable this feature by going to Settings > Account > Privacy > Fingerprint lock.

NDTV Gadgets360.com

Continue Reading

WHATSAPP

WhatsApp Users in Kashmir Being Removed as Internet Shutdown Crosses 120 Days

Published

on

WhatsApp is once again in the news after it was noticed that Kashimiris (specifically, those people living in Kashmir) have started disappearing from group chats on the platform. Many users reported their concerns on social media given the current situation in the valley that has no Internet for over four months. WhatsApp has acknowledged the development in a statement to Gadgets 360, clarifying that the disappearance is due to the long inactivity of WhatsApp accounts. Some of the affected users are likely to permanently lose their account data, including chat logs, images, and videos, if they aren’t able to back up the data in 30 days from the deactivation.

Many people this week began reporting that their Kashmiri contacts were suddenly leaving their WhatsApp groups en masse. This struck them as strange since Internet services are inaccessible in the Kashmir valley thanks to a blockade since the night of August 4, raising the question of how they were able to access the Internet to leave groups.

“Suddenly all my contacts from Kashmir are ‘leaving’ the #Whatsapp groups, and their WhatsApp accounts are getting lost. Remember there is NO internet in #Kashmir from the last 4 months. What kind of sinister moves are these? @facebook @WhatsApp @UNGeneva @UNHumanRights,” wrote one Twitter user.

Some users speculated that WhatsApp deleted the accounts of particularly Kashmiri people. However, a WhatsApp spokesperson told Gadgets 360 that the sudden vanishing of the concerned users were a result of the company’s policy for inactive accounts.

“WhatsApp cares deeply about providing users everywhere with the ability to privately communicate with their friends and loved ones,” the spokesperson said in the statement. “To maintain security and limit data retention, WhatsApp accounts generally expire after 120 days of inactivity. When that happens, those accounts automatically exit all their WhatsApp groups. People will need to be re-added to groups upon regaining access to the Internet and joining WhatsApp again.”

“Kashmir contacts automatically ‘exiting’ from WhatsApp groups today,” one of the users posted while raising the concern on Twitter. “I know they would not have been able to see my messages anyway, but this is heartbreakingly symbolic.”

BuzzFeed News first reported the disappearances of Kashmiri WhatsApp users. The publication quoted some friends and family members who felt dismay due to the removal of their contacts from their group chats.

As per an FAQ listing available on the WhatsApp site, the instant message app completely deletes accounts that remain inactive for up to 30 days. This suggests that it is quite likely that many of the affected users in Kashmir may lose their account data permanently if they don’t activate them or at least back up their information such as chat logs or shared images or videos.

India is an important market for WhatsApp. The Facebook-owned firm has over 400 million users in the country as of July this year. In the recent past, it also used the India user base to test features such as payments and frequently forwarded label.

NDTV Gadgets360.com

Continue Reading

WHATSAPP

WhatsApp Dark Mode Elements Spotted in Avatar Images, VoIP Screen on Android Beta

Published

on

whatsapp

WhatsApp Dark Mode has been in development for the chat service’s Android and iPhone apps for some time now. But now, the latest WhatsApp beta for Android version indicated some notable tweaks pertaining to the ongoing development. The beta update appears to include new avatar placeholders for the WhatsApp Dark Mode. Similarly, there is a new VoIP screen with dark elements. This screen surfaces once a user receives a WhatsApp call. The new changes are a part of the latest WhatsApp beta version for Android. However, they aren’t visible to the public just yet.

The fresh series of Dark Mode-focussed changes exist in the WhatsApp beta version 2.19.354 for Android. This new update includes the avatar images (or placeholder icons) for broadcasts, individual profiles, and groups with a grey background. These would be visible to the users once the WhatsApp Dark Mode is enabled, reports WhatsApp beta watcher WABetaInfo.

whatsapp android dark mode avatar images wabetainfo WhatsApp

WhatsApp Dark Mode elements now spotted in avatar images
Photo Credit: WABetaInfo

WhatsApp by default has the avatar images with a green background — matching the dark green ribbon available at the top. But, this seems to have changed in the latest WhatsApp beta, with new WhatsApp Dark Mode elements.

Alongside the new avatar images, the latest WhatsApp beta version for Android devices seems to have the new VoIP screen dark elements to support the Dark Mode. The new screen will continue to have the green background that exists on the current VoIP screen, but with a darker tint to reduce eyestrain to some extent. It is likely that app would make further interface-level changes before bringing WhatsApp Dark Mode to the public.

whatsapp android dark mode voip screen wabetainfo WhatsApp

WhatsApp could bring a new VoIP screen with dark elements
Photo Credit: WABetaInfo

That being said, the latest WhatsApp Dark Mode tweaks aren’t visible publicly. You can, however, download the latest WhatsApp beta version on your Android device directly via Google Play beta programme or through its APK from APK Mirror.

Last week, WhatsApp beta version 2.19.348 for Android devices was released, and it was spotted adding a self-destructing ‘Delete messages’ feature. The addition could allow users to choose how long they want a new message to be visible to their contacts.

The anticipated WhatsApp Dark Mode is also apparently in the development for many months. It was also spotted testing on iPhone last month. Nonetheless, the Facebook-owned company is yet to showcase its development formally.

NDTV Gadgets360.com

Continue Reading

Trending