WhatsApp has successfully addressed a critical privacy vulnerability in its "View Once" feature, preventing malicious users from accessing media that was intended to be viewed only once and then automatically deleted.
The bug, initially discovered by security researchers at Zengo, allowed users to bypass the app's privacy mechanism when using the web application and a rogue browser extension. This flaw essentially rendered the "View Once" feature ineffective, as attackers could easily save and share pictures and videos meant to disappear after a single view.
Tal Be'ery, co-founder of Zengo, highlighted the significance of the fix, acknowledging that while the update is not perfect, it represents a "great improvement" in protecting users' privacy. The research team had responsibly disclosed their findings to WhatsApp, pushing the company to address the security weakness more comprehensively.
The original vulnerability stemmed from how WhatsApp implemented the "View Once" feature across different platforms. Messages were sent to all of a recipient's devices, including those not designed to support the feature, and could be easily manipulated by changing a simple flag in the message's metadata.
WhatsApp has now rolled out updates that prevent browser extensions from accessing media sent through vanishing messages. A company spokesperson stated, "We're constantly building in layers of privacy protection, and that includes rolling out key updates to View Once on web."
The fix addresses several critical issues with the original implementation:
Browser extensions can no longer bypass the "View Once" feature
Media cannot be downloaded or saved after being viewed
The privacy mechanism is now more robust across different platforms
Users who previously relied on browser extensions to save "View Once" messages are now reporting that these tools no longer function, indicating the effectiveness of WhatsApp's update.
While the fix is significant, security experts continue to recommend caution. WhatsApp advises users to only send View Once messages to people they know and trust, and to ensure they are using the latest version of the application.
This update underscores the ongoing challenges of maintaining privacy in messaging applications, particularly as platforms expand across multiple devices and interfaces. It also demonstrates the importance of responsible vulnerability disclosure by security researchers in improving digital privacy protections.
Users are encouraged to update their WhatsApp application to benefit from the latest security enhancements and ensure the intended privacy of their "View Once" messages remains intact.
Anthony Denis is a Security News Reporter with a Bachelor's in Business Computer Application. Drawing from a decade of digital media marketing experience and two years of freelance writing, he brings technical expertise to cybersecurity journalism. His background in IT, content creation, and social media management enables him to deliver complex security topics with clarity and insight.