WhatsApp, Telegram patch flaws in instant messaging applications

    Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.
    By: SAN FRANCISCO
    | Updated on: Mar 16 2017, 11:47 IST
    Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.
    Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.
    Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.
    Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.

    WhatsApp and Telegram patched flaws in their popular instant messaging applications after security researchers showed that they could seize control of user accounts.

    Researchers with Check Point Software Technologies Inc discovered problems with the way the two apps process some types of files without verifying that they do not contain active code that could be malicious.

    Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.

    Read: WhatsApp two step verification: Here are four reasons to not use the new feature

    They were able to send files to the web-based versions of the products with malicious code while making it seem to be something else, such as a picture. In WhatsApp's case, once opened by the recipient, the code allowed the researchers to get into the local storage of the user and then access the user's account. From there, they could have sent the same malicious attack to all of the users' contacts.

    Telegram's flaw was much more subtle and required "very unusual" behaviour by the victim, such as right-clicking on a video and opening a new tab, said spokesman Markus Ra.

    Read: Whatsapp usage hits all-time high in India, 14 bn messages sent on New Year's eve

    There is no evidence that any similar attacks were actually used in the wild against either company's products, he said.

    "When Check Point reported the issue, we addressed it within a day and released an update of WhatsApp for web," said Anne Yeh, a spokeswoman for that Facebook Inc unit. "To ensure that you are using the latest version, please restart your browser."

    Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.

    First Published Date: 16 Mar, 11:46 IST
    NEXT ARTICLE BEGINS
    keep up with tech