How to Patch These Two RCE Vulnerabilities in WhatsApp

WhatsApp’s internal security team has published a security advisory. According to its security advisory, it addressed both vulnerabilities CVE-2022-36934 and CVE-2022-27492that might allow an attacker to perform remote code execution on the iOS and Android devices on which vulnerable versions of WhatApp is running. Since these vulnerabilities allow attackers to get remote access to a device and issue commands from a distance and could cause undesirable behavior, unexpected crashes, and memory corruption issues, it is worth knowing how to patch these two RCE vulnerabilities in WhatsApp.

Summary of CVE-2022-36934:

WhatsApp discovered the CVE-2022-36934 vulnerability as an integer overflow in WhatsApp. The severity level for this weakness is assessed as 9.8 out of 10. This occurs when an application tries to carry out a computational activity but does not have enough capacity in the memory allocated to it. This causes the data to spill out and overwrite other sections of the memory on the system with possibly harmful code.

A malicious advisory might take total control of the victim’s WhatsApp app by exploiting this integer overflow vulnerability in WhatsApp’s Video Call Handlercomponent during a video call. Malwarebytes has published few technical details on these flaws. Visit their post to read.

Summary of CVE-2022-27492:

This is an integer underflow vulnerability discovered by WhatsApp this week. It is assessed as “severe” with a CVSS score of 7.8 out of 10. It might enable hackers to launch malicious scripts on a victim’s iOS and Android devices when the hacker sends the victim a malicious video file.

WhatsApp Versions Affected by These Flaws:

These vulnerabilities impact WhatsApp users on both Android and iOS, so we recommend every WhatsApp user to take a look at this post since this post covered how to fix RCE vulnerabilities in WhatsApp.

 The versions of WhatsApp are susceptible to at least one of the vulnerabilities are as follows:

Both vulnerabilities impact versions of WhatsApp for Android that are older than v2.22.16.2 and WhatsApp for iOS that are older than v2.22.15.9.

How to Patch These Two RCE Vulnerabilities in WhatsApp?

Since the WhatsApp security team has discovered the RCE vulnerabilities in Whatsapp well on time and took every measure to secretly patch them, there are greater chances that your version of WhatsApp already has the latest update. However, it’s still better to check if you’re protected or not. 

To Patch WhatsApp on iOS:

To Patch WhatsApp on Android:

You may access the Play Store from your Android device by pressing the menu button and then choosing the appropriate option from the resulting drop-down menu. 

How to Check the Version Info of Your WhatsApp?

If you are not sure which version of WhatsApp is running on your iOS and Android. You can get the version info from its ‘Help’ section.

How to Upgrade Your WhatsApp to the Latest Version?

We hope this post would help you know how to patch these two RCE vulnerabilities in WhatsApp. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram, and subscribe to receive updates like this. 

You may also like these articles: