WhatsApp Web, the version of the popular messaging service which you can use on your PC’s browser, has just been revealed to have a serious vulnerability that affects more than 200 million people who use the service. This bug can be exploited by wrongdoers for tricking users into executing arbitrary code on their computers.
Dubbed ‘MaliciousCard,’ this vulnerability has thankfully already been fixed by the makers of WhatsApp. They had done that through an update to the web version of their service, which was issued on August 21 after a security firm pointed it out to them.
The MaliciousCard bug could be taken advantage of by just sending a vCard contact card. According to security firm Check Point, the contact cards could contain malicious code and it would still be disguised as a normal contact card.
If a victim opens such a card, the malicious software starts distributing bots, ransomware and other dangerous files on their PC. The vulnerability lies in the improper filtering of contact cards sent in the vCard format in older versions of WhatsApp.
Before the bug was patched, this service used to improperly filter contact cards sent in the vCard format. If executed, its code was hence able to run on Windows easily. Whether Mac users were vulnerable to this is still unknown.
WhatsApp Web was recently updated with a number of new features that brought its experience very close to that of using the service on your smartphones. However, despite all this, it is still missing the option of forwarding images and videos.
WhatsApp Web lets you access the instant messaging service through your desktops by syncing it with your devices. If you haven’t yet, do give it a try once.