WhatsApp Security Alert: New Flaw Allows Malware Injection via Malicious Files; Update Your App Immediately

Meta has issued an urgent security advisory for WhatsApp, urging its billions of users to update the application immediately. The call to action follows the discovery of critical vulnerabilities that could allow cybercriminals to inject malicious files directly into a user’s device, potentially compromising personal data and system integrity.

The flaws, which impact both mobile and desktop versions of the app, reportedly allow attackers to bypass standard security filters. If exploited, these "booby-trapped" files could execute harmful code or install spyware without the user’s explicit knowledge, marking one of the more significant security challenges the platform has faced this year. WhatsApp Liquid Glass Update: Meta-Owned App Testing Translucent Interface and First-Party Encrypted Backups for iOS 26.

The Mechanism of the Attack

The primary concern involves how the application processes certain types of incoming media and documents. According to security researchers, attackers can disguise executable malware as seemingly harmless files, such as images or PDFs. In some scenarios, particularly on the Windows desktop client, certain file extensions like Python (.py) or PHP scripts were found to be excluded from WhatsApp’s "block list." This oversight allows these files to be opened and executed directly from the chat interface, bypassing the operating system's standard warning prompts.

Impact on Android and Windows Users

While the vulnerabilities vary across platforms, both Android and Windows users are at risk. On Android, a specific "Zygote injection" flaw (tracked as CVE-2024-31317) was identified. This high-severity bug allows a malicious application to escalate its privileges, potentially gaining system-wide control over the device. For Windows users, the risk centers on file-sharing. Attackers can send a "spoofed" attachment that appears as a standard thumbnail but carries a hidden payload. If a user clicks to view the file, the malicious script can run natively on the machine, leading to remote code execution.

Meta’s Response and Mitigation

In response to these findings, Meta has begun rolling out a series of "under-the-hood" security enhancements. A key part of this strategy includes a transition to the Rust programming language for its media-handling libraries. Rust is known for its "memory-safe" properties, which significantly reduce the types of coding errors that hackers typically exploit to inject malware. Additionally, a new internal verification system called "Kaleidoscope" has been implemented. This system inspects the structure of incoming files for anomalies, such as a file pretending to be a JPG when it is actually an executable. WhatsApp ‘Reshared Many Times’ Label Introduced to Tackle Misinformation in Status Updates; Available Via Android Beta.

How to Stay Safe

Security experts recommend that all users take the following steps to secure their accounts:

• Update Manually: Do not wait for an automatic update. Visit the Google Play Store, Apple App Store, or Microsoft Store to ensure you are on the latest version.

• Disable Auto-Downloads: Go to Settings > Storage and Data and turn off "Media auto-download" to prevent suspicious files from landing on your device automatically.

• Exercise Caution: Avoid opening files or clicking links from unknown senders, even if they appear to be standard images or documents.

• Check Privacy Settings: Review the new "Advanced" privacy options in the app settings, which provide additional layers of protection against advanced exploits.

(The above story first appeared on LatestLY on May 06, 2026 08:24 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).