Government has a warning for these WhatsApp users: What is it and how you can stay safe

The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity alert regarding a security vulnerability in the WhatsApp Desktop application for Windows. The flaw, identified in versions earlier than 2.2450.6, poses significant risks, including unauthorised access, data theft, and malicious code execution.


CERT-In warning for WhatsApp usersAccording to CERT-In, the issue arises from a misconfiguration between the MIME type and file extension handling for attachments. This flaw allows attackers to disguise malicious files as legitimate ones, which, when opened manually within WhatsApp Desktop, can execute arbitrary code on the victim's system. The vulnerability could potentially enable spoofing attacks and compromise user data.


Who is affected?The flaw impacts users who have not updated their WhatsApp Desktop application to version 2.2450.6 or later. CERT-In has urged all users to install the latest version immediately to mitigate risks. The advisory also recommends exercising caution when opening attachments from unknown sources, particularly those with suspicious file names or extensions.


Here’s how WhatsApp users can stay safe

To protect against this vulnerability, CERT-In advises users to:

• Update WhatsApp desktop: Ensure the application is updated to version 2.2450.6 or later.
• Avoid suspicious files: Do not open attachments from untrusted sources or those that appear unusual.
• Maintain system security: Keep your operating system and antivirus software updated to reduce exposure to threats.