WhatsApp Flaw on Windows Could Allow Arbitrary Code Execution

by Justin Erickson

A newly identified spoofing issue in WhatsApp for Windows could enable attackers to execute arbitrary code. Malicious files are disguised as regular attachments – such as an image – but when clicked, run as their original malicious file type. It relies on the user manually interacting with the attachment. This flaw has since been patched on version 2.2450.6 of WhatsApp for Windows. If you use WhatsApp on Windows desktop, it is recommended that you stay suspicious of unsolicited files from others, and update to version 2.2450.6 or beyond as soon as possible.