The vulnerability in WhatsApp, which the chat service announced on Monday and has now closed, has it all. Via this monitoring software can be installed on smartphones. Because the weak point was the implementation of internet telephony, the devices could be infected with a prepared WhatsApp call. Through the opening, third parties could gain access to the device in question. The WhatsApp call did not even have to be answered.
But what does this new vulnerability mean for users? What security measures should this take? An overview:
What should Whatsapp users do now?
As a first step, Whatsapp users must update the messenger app software. This measure also recommends WhatsApp. The security patch must be closed with the latest patch. An update is recommended for both Android and iOS devices. According to Facebook, both operating systems are affected.
Which WhatsApp versions are safe?
The malware affects all older versions of WhatsApp. According to the news site "heise.de" the following versions are up-to-date:
- Android: v2.19.134
- Company for Android: v2.19.44
- iOS: v2.19.51
- Business for iOS: v2.19.51
- Windows Phone: v2.18.348
- Tizen: v2.18.15
All WhatsApp users who have an older version on their smartphone are advised to perform an update.
How do you find out which WhatsApp version you have just installed on your phone?
IPhone users can find the WhatsApp version currently installed on the phone under the "Settings" menu item and then under "Help". The path is the same for Android users, but under "Help" they still have to go to the "App info" box.
How can software and messenger app be updated?
The online portal «watson.ch» has published a manual for securing the smartphone during the current vulnerability. It refers to Apple iOS 12.3 for iOS devices that Apple released on Monday night. Users must therefore install the system update and also WhatsApp update. The current WhatsApp version is 2.19.51. The vulnerability is closed with her.
Android users can upgrade via the Google Play Store. See "My apps and games" and "Updates" for a list of apps that are ready to be updated. The leak can be closed via WhatsApp version 2.19.134. Android users can be updated via the "System" or "Security and location" menu item. The "Security Update" field can be used to check for updates.
Is there danger after the update?
According to WhatsApp, the leak was closed when updating the WhatsApp app. However, it is still recommended to keep the smartphone operating system up-to-date.
How do you know if your own phone is being hit by the attack?
The attacks themselves worked on WhatsApp calls. It was sufficient to hack the device if the attacker had contacted the victim's device via a compromised call. The person involved did not even have to answer the call. With WhatsApp call history, users can find out if they are being hit by an attack. Those who have missed WhatsApp calls from weird numbers, usually at odd hours such as the middle of the night, can be affected. Facebook, WhatsApp's parent company, has not informed about what users should do in such a case.
Are there alternatives to WhatsApp?
If WhatsApp has generally become unsafe after the latest vulnerability, there are a number of alternatives. Experts have been advising for some time now for safety and privacy reasons to remove WhatsApp from the smartphone and replace it with alternatives. Some of the most popular secure messenger apps are Telegram and Threema.