A vulnerability in the WhatsApp for Android that was found, disclosed and patched can still affect thousands of additional apps that have not been patched.
CVE-2019-11932 allows attackers to use a maliciously coded GIF files to remotely execute code was made public on Oct. 2, 2019 and then patched in WhatsApp version 2.19.244 takes advantage of a library called libpl_droidsonroids_gif.so which is part of the android-gif-drawable package that is used in many other applications, Trend Micro reported.
The company found 3,433 apps in the Google Play store that remained unpatched and vulnerable along with several hundred others scattered among another nine third-party online marketplaces.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.