The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning for WhatsApp users who access the platform on desktop computers. The agency, which functions under the ministry of electronics and information technology (MeitY), flagged the issue in an advisory published on April 9.
CERT-In said the vulnerability is caused by the way WhatsApp handles certain file types. “The vulnerability exists due to misconfiguration between the MIME type and file extension, leading to improper handling of attachment openings. An attacker could exploit this vulnerability by crafting malicious attachments which could execute arbitrary code when opened manually within WhatsApp,” the agency said.
This means attackers can send files that look harmless but are designed to harm the user's system if opened in the WhatsApp Desktop app.
The issue affects users who have not updated their app to version 2.2450.6 or later. CERT-In has advised all users to install the latest version immediately to reduce the risk.
Users are also being urged to be cautious when opening files from unknown or untrusted sources, especially if the file name or type looks suspicious.
WhatsApp, owned by Meta, is used by over 400 million people in India. While the app offers end-to-end encryption, security issues on the desktop version can expose users to risks, especially those on Windows systems.
CERT-In said the vulnerability is caused by the way WhatsApp handles certain file types. “The vulnerability exists due to misconfiguration between the MIME type and file extension, leading to improper handling of attachment openings. An attacker could exploit this vulnerability by crafting malicious attachments which could execute arbitrary code when opened manually within WhatsApp,” the agency said.
This means attackers can send files that look harmless but are designed to harm the user's system if opened in the WhatsApp Desktop app.
The issue affects users who have not updated their app to version 2.2450.6 or later. CERT-In has advised all users to install the latest version immediately to reduce the risk.
Users are also being urged to be cautious when opening files from unknown or untrusted sources, especially if the file name or type looks suspicious.
WhatsApp, owned by Meta, is used by over 400 million people in India. While the app offers end-to-end encryption, security issues on the desktop version can expose users to risks, especially those on Windows systems.
You may also like
Wilmer Hutchins High School 'shooting': Huge police response in Dallas after 'gunshots'
ED files chargesheet Sonia Gandhi, Rahul in National Herald case, Congress to hold nationwide agitation
Snooker star intervenes and gets phone out from crowd in World Championship qualifier
Gloria Hunniford forced to quit Celebrity Bake Off after devastating hospital dash
Birkin, Lululemon, and TikTok: How China is using the tariff war for luxury goods to go direct from factory to your feed
