1️⃣ WhatsApp patched a critical security flaw that affected Windows PCs, potentially allowing hackers to execute malicious code.
2️⃣ The issue was a spoofing vulnerability in versions prior to WhatsApp 2.2450.6, which could have tricked users into running harmful attachments.
3️⃣ Attackers could exploit this flaw by sending maliciously crafted files that disguised their true nature.
4️⃣ Update your WhatsApp app now to protect your Windows PC from potential exploits and ensure you’re running the latest security fixes.
Listen to the article:
WhatsApp has rolled out a security patch for a recently discovered vulnerability in its Windows app, urging users to update immediately. The flaw, labeled CVE-2025-30401, is a spoofing issue that could have allowed hackers to execute malicious code by disguising harmful files as harmless attachments.
What’s the Issue?
The problem stemmed from how WhatsApp for Windows handled file attachments. While the app displayed attachments based on their MIME type (which indicates a file’s actual content), it relied on the file extension to determine which program should open it. This mismatch created an opening for attackers to disguise executable files as documents or images. If a recipient manually opened a rigged attachment, they could unknowingly launch harmful code instead of simply viewing the file.
This flaw affected all WhatsApp for Windows versions prior to 2.2450.6, meaning anyone using an outdated version was potentially at risk.
How Was It Discovered?
A security researcher uncovered the vulnerability and reported it through Meta’s Bug Bounty program. Meta, WhatsApp’s parent company, acknowledged the issue and quickly released a fix. However, the company has not disclosed whether the flaw had been exploited by attackers before the patch was issued.
What Should Users Do?
The good news? WhatsApp updates automatically for most Windows users. However, to ensure you’re fully protected, you should manually check for updates:
✅Open the Microsoft Store and search for WhatsApp.
✅Click Update if a new version is available.
✅If necessary, reinstall WhatsApp from Microsoft’s official listing to ensure you have version 2.2450.6 or later.
A Growing Focus on Security
This isn’t the first time WhatsApp has had to patch security flaws. Last year, the app fixed a similar issue that allowed Python and PHP files to execute automatically if certain conditions were met. WhatsApp has also dealt with zero-click exploits, including a vulnerability that was reportedly used to install Paragon’s Graphite spyware on targeted devices. If you use WhatsApp on Windows, make sure you’re running the latest version—keeping apps updated is the best way to stay safe.
Discover more from TECH HOTSPOT
Subscribe to get the latest posts sent to your email.
