A Vulnerability In WhatsApp's Image Filter May Have Led To User Data Being Stolen

WhatsApp has just patched an issue in its image filter function which, if exploited, could have resulted in sensitive information being stolen.
If we had a nickel for every time WhatsApp ran into a problem related to user data, we would have a fair few by now. The social media platform's problems started in early 2021 with its policy update, which threatened to hand over user data to Facebook, which in turn could loan it out for third-party advertising. WhatsApp finally relented after it received a lot of criticism and saw its user base shrink severely. Following this, WhatsApp was embroiled in a dispute with Telegram, which claimed that WhatsApp's end-to-end chat encryption had left user information open to outsiders. And here we are again.
This recent vulnerability was spotted by the cybersecurity firm Check Point Research. The issue was quickly fixed by WhatsApp's engineers and is not thought to have been exploited in any way, but the damage could have been severe: it would have taken just one person or group arriving at the same conclusion Check Point did, and the weakness was also easy to exploit. The issue was reported on the 10th November 2020 and has now been resolved. But what was the initial issue? Let's take a closer look.
The vulnerability was introduced by WhatsApp's "image filter function", an option in both the regular WhatsApp and WhatsApp Business versions. Check Point described it as an out-of-bounds read/write vulnerability. Its exact extent and nature have not been disclosed, but some general details are available that help explain how to prevent exploitation, and they also reveal why nobody managed to exploit the vulnerability in the first place.
The attack setup is complex and requires a good deal of luck. It begins with a malicious user sending a crafted picture that, once passed through WhatsApp's filter, corrupts WhatsApp's memory. The filtered image would then have to be sent back to the malicious user, and persuading the other user to return the filtered image is the hard part. The problem was nonetheless real and was, perhaps, caught by the design team in the nick of time.
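The root cause of out-of-bounds reads and writes in image filters is typically a filter that trusts the dimensions declared in the image header without checking them against the pixel data actually present. The following is an added, hypothetical illustration (not WhatsApp's code, and not the specific bug Check Point found): a minimal grayscale invert filter written once in the unchecked style and once with the header-to-payload consistency check that a defender would insist on. The image_t format and function names are assumptions for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed image record for this example (hypothetical format, not WhatsApp's):
 * the header declares dimensions, the payload holds 1 byte per grayscale pixel.
 * A crafted file can declare more pixels than the payload actually carries. */
typedef struct {
    uint32_t width;
    uint32_t height;
    const uint8_t *pixels;   /* pixel payload */
    size_t pixels_len;       /* bytes actually present in the payload */
} image_t;

/* Returns 1 if the declared dimensions are consistent with the payload, 0 otherwise.
 * Rejects zero dimensions, a width*height product that would overflow size_t,
 * and a payload shorter than the declared pixel count. */
int image_dims_valid(const image_t *img) {
    if (img->width == 0 || img->height == 0) return 0;
    if ((size_t)img->width > SIZE_MAX / img->height) return 0;  /* product would overflow */
    return (size_t)img->width * img->height <= img->pixels_len;
}

/* Vulnerable pattern: trusts the header and reads width*height bytes from the
 * payload regardless of pixels_len, so a short payload yields an out-of-bounds read. */
int invert_filter_unchecked(const image_t *img, uint8_t *out, size_t out_len) {
    size_t n = (size_t)img->width * img->height;
    if (n > out_len) return -1;                 /* output buffer is protected ... */
    for (size_t i = 0; i < n; i++)
        out[i] = (uint8_t)(255 - img->pixels[i]); /* ... but the input read is not */
    return 0;
}

/* Hardened form: validates header against payload before touching any pixel,
 * so an undersized or overflowing image is refused instead of processed. */
int invert_filter_checked(const image_t *img, uint8_t *out, size_t out_len) {
    if (!image_dims_valid(img)) return -1;
    size_t n = (size_t)img->width * img->height;
    if (n > out_len) return -1;
    for (size_t i = 0; i < n; i++)
        out[i] = (uint8_t)(255 - img->pixels[i]);
    return 0;
}
```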