Vulnerability Management

Patched WhatsApp vulnerability still impacting thousands of apps

A vulnerability in the WhatsApp for Android that was found, disclosed and patched can still affect thousands of additional apps that have not been patched.

CVE-2019-11932 allows attackers to use a maliciously coded GIF files to remotely execute code was made public on Oct. 2, 2019 and then patched in WhatsApp version 2.19.244 takes advantage of a library called which is part of the android-gif-drawable package that is used in many other applications, Trend Micro reported.

The company found 3,433 apps in the Google Play store that remained unpatched and vulnerable along with several hundred others scattered among another nine third-party online marketplaces.

“We took a closer look at some of these applications to verify that they were indeed vulnerable. We extracted the libraries and found that was not updated, confirming that the vulnerability was present,” the report stated

Trend Micro did not list a way for an end user to decipher whether or not an app remains vulnerable to CVE-2019-11932 but instead suggest that developers update

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.