Attackers using WhatsApp MP4 video files vulnerability can remotely execute code

Attackers using WhatsApp MP4 video files vulnerability can remotely execute code

mci-pages-sharing
Attackers using WhatsApp MP4 video files vulnerability can remotely execute code

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Windows Phone versions before and including 2.18.368, Business for Android versions prior to 2.19.104, and Business for iOS versions prior to 2.19.100.

If you use the above mentioned versions, update to the latest version and disable the automatic downloading of the media files.