Two outdated software bugs addressed, says WhatsApp

PTI, Apr 19, 2021, 5:23 PM IST

Instant messaging app WhatApp on Monday said it has addressed two bugs that existed on its outdated software and that it had no reason to believe that “these vulnerabilities were ever abused”.

The official statement came in the wake of a recent advisory issued by the CERT-In which cautioned WhatsApp users about certain vulnerabilities in the app (application) that could lead to breach of sensitive information.

“We regularly work with security researchers to improve the numerous ways WhatsApp protects people’s messages.”

“As is typical of software products, we have addressed two bugs that existed on outdated software, and we have no reason to believe that they were ever abused,” a WhatsApp spokesperson told PTI in a statement.

The spokesperson added that WhatsApp “remains safe and secure, and end-to-end encryption continues to work as intended to protect people’s messages.”

A “high” severity rating advisory issued by the CERT-In, or the Indian Computer Emergency Response Team, on Saturday had said that the vulnerability has been detected in the software that has “WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32.”

“Multiple vulnerabilities have been reported in WhatsApp applications which could allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system,” the advisory had said.

The CERT-In is the federal technology arm to combat cyber attacks and guarding the Indian cyber space.

The advisory had recommended users to update their devices with the latest version of WhatsApp from Google Play store or iOS App Store to counter the vulnerability threat.