What you need to know
- The latest update for WhatsApp on Mac has patched a serious security flaw.
- The flaw was discovered by security researcher Gal Weizman.
- It allowed users to exploit the quote feature in a group conversation to change the identity of the sender and could be used to redirect people to malicious websites.
An update for WhatsApp on macOS has patched a security flaw that could be used to redirect users to malicious websites.
As reported by 9to5 Mac:
Weizman's blog states:
Giezman went on to research the flaw to see where it was evident and how it could be used. He found four unique security flaws in WhatsApp, including one which could use the reply feature to rewrite messages using the quote feature and incorporate links to malicious websites. He was also able to use malicious code to read files from a Mac.
The full rundown is very complex, but you can read it here. In conclusion, he said:
Version 0.4.316 of WhatsApp for Mac was released on January 24. (opens in new tab)
Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design.
Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple.
If the app was native it most likely wouldn't have had this issue
Get the best of iMore in in your inbox, every day!
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.