On Monday, WhatsApp said: It has addressed errors that were present in old versions of its programs, and that it has no reason to believe that these vulnerabilities have been misused at all.
The official statement came on the heels of a recent advisory issued by India’s cybersecurity agency CERT-In, which warned WhatsApp users of some weaknesses in the application that could lead to the breach of sensitive information.
A WhatsApp spokesperson said: We regularly work with security researchers to improve the many ways in which WhatsApp protects people’s messages, and as is usual in software products, we have addressed bugs that were present in older versions, and we have no reason to believe that they have been misused at all.
The risk assessment advisory report issued by CERT-In, or the Indian Computer Emergency Response Team, said: The vulnerability was discovered for WhatsApp and WhatsApp Business in versions prior to version 2.21.4.18 for Android and in versions prior to version 2.21.32 for iOS.
The consultation described the risks in detail, saying: These vulnerabilities exist due to a problem with configuring the cache and losing boundaries in the audio decoding path.
The warning stated that multiple vulnerabilities in WhatsApp applications could allow a remote attacker to execute arbitrary code or access sensitive information through the target person’s system.
The consultation recommended that users update their devices with the latest version of WhatsApp from the Google Play Store or the iOS App Store to face the threat of vulnerability.
The same spokesperson added that the WhatsApp platform remains secure, and end-to-end encryption continues to work as intended to protect people’s messages.