CP
cyberpings
VulnerabilitiesHIGH

WhatsApp Vulnerability - 4th View Once Bypass Discovered

SWSecurityWeek
WhatsAppMetaView OnceTal Be’ery
🎯

Basically, a researcher found a way to save disappearing messages on WhatsApp.

Quick Summary

A researcher has uncovered a fourth way to bypass WhatsApp's View Once feature. Meta will not fix this vulnerability, raising serious privacy concerns for users. This highlights ongoing issues with the app's security measures.

The Flaw

A new vulnerability has emerged in WhatsApp's View Once feature, allowing users to bypass its intended privacy controls. This feature was designed to let users send media that disappears after being viewed, preventing saving or forwarding. However, researcher Tal Be’ery has discovered a method to download this media before it vanishes. This is the fourth such bypass he has uncovered, indicating a persistent issue within the app's security framework.

Be’ery's discovery highlights a significant gap in WhatsApp's security, as he has previously reported similar vulnerabilities that were patched. The latest method involves using a modified client application, which Meta has stated falls outside its security model. This raises questions about the effectiveness of WhatsApp's privacy measures and the company's commitment to user security.

What's at Risk

The implications of this vulnerability are serious. Users who rely on the View Once feature for privacy may unknowingly expose sensitive media to unauthorized saving and sharing. This could particularly affect individuals sharing personal or confidential information, as the feature was designed to enhance privacy in trusted communications.

Moreover, the ability to exploit this vulnerability through modified clients or browser extensions could lead to mass exploitation. Be’ery's warning from September 2024, when a previous bypass was exploited in the wild, serves as a reminder of the potential risks associated with this feature. Users may feel secure sending disappearing media, but this vulnerability undermines that trust.

Patch Status

Despite being informed of the vulnerability, Meta has decided not to patch it. The company argues that the issue arises from the use of modified clients, which they do not cover under their bug bounty program. Meta maintains that while they continue to enhance the View Once feature in official clients, they cannot prevent all forms of content capture, especially when users can resort to alternative methods like using another device to record the content.

This lack of action from Meta is concerning, especially since previous vulnerabilities involving modified clients were addressed. Be’ery has expressed disappointment, noting that the inconsistency in Meta's response to these issues could lead to further exploitation of the View Once feature.

Immediate Actions

In light of this vulnerability, users should exercise caution when using WhatsApp's View Once feature. Here are some recommended actions:

  • Limit Sensitive Sharing: Avoid sending highly sensitive media through the View Once feature.
  • Educate Yourself: Stay informed about potential vulnerabilities and how they may affect your privacy.
  • Use Alternative Methods: Consider using other secure messaging platforms that offer stronger privacy guarantees.

Be’ery has suggested implementing a digital rights management (DRM) system to mitigate these risks. However, Meta has dismissed this idea, arguing that it may not align with the private messaging model. As users navigate these vulnerabilities, understanding the limitations of the View Once feature is crucial for protecting personal information.

🔒 Pro insight: Meta's refusal to patch this vulnerability could embolden attackers, as it signals a lack of commitment to user privacy in modified client scenarios.

Original article from

SecurityWeek · Eduard Kovacs

Read Full Article

Share

Related Pings

HIGHVulnerabilities

iOS Vulnerabilities - DarkSword Exploit Kit Uncovered

A new exploit kit, DarkSword, targets iOS vulnerabilities for surveillance. Millions of iPhones are potentially compromised. Users must update their devices to stay safe.

SecurityWeek·
MEDIUMVulnerabilities

UIDAI - Launches Bug Bounty Programme for Aadhaar Security

UIDAI has launched a Bug Bounty Programme to enhance Aadhaar security. This initiative invites experts to identify vulnerabilities in the system. It's crucial for protecting the personal data of over a billion residents.

Cyber Security News·
HIGHVulnerabilities

Ubuntu Vulnerability - Local Attackers Can Gain Root Access

A critical vulnerability in Ubuntu allows local attackers to gain root access. This flaw affects users of Ubuntu Desktop 24.04 and newer. Immediate updates are essential to protect against potential system compromise.

Infosecurity Magazine·
HIGHVulnerabilities

Vulnerabilities - Claude Users Face Data Theft Risks

A trio of vulnerabilities in Claude could expose users to data theft. This flaw allows attackers to exploit Google searches, threatening enterprise networks. Stay vigilant and watch for updates.

Dark Reading·
CRITICALVulnerabilities

Critical Vulnerability - Unpatched Flaw in Telnetd Exposed

A critical flaw in GNU InetUtils telnetd has been discovered, allowing remote attackers to execute code with elevated privileges. This affects all versions, posing severe risks to systems. Users are urged to disable Telnet services until a patch is available to avoid exploitation.

Security Affairs·
HIGHVulnerabilities

WebKit Vulnerability - Apple Patches Critical Security Flaw

Apple has issued critical patches for a serious WebKit vulnerability affecting iOS and macOS. This flaw allows malicious content to bypass security measures, risking user data. Immediate updates are essential to protect against potential attacks.

Cyber Security News·