“A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp,” stated the official advisory from Facebook, WhatsApp’s parent company. The spoofing vulnerability, officially tracked as CVE-2025-30401, affects all versions of WhatsApp Desktop for Windows prior to 2.2450.6 and poses a significant risk to users who interact with attachments sent through the platform. An attacker could craft a file with a misleading combination of MIME type and filename extension, causing users to inadvertently execute arbitrary code when manually opening what appeared to be a harmless attachment. In 2024, security researcher Saumyajeet Das discovered a separate vulnerability in WhatsApp for Windows that allowed the execution of Python and PHP scripts without warning when opened. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. When the recipient opens this attachment directly from within WhatsApp, instead of viewing an image, they would unknowingly execute potentially malicious code. Security analysts note that this vulnerability is particularly dangerous in group chat scenarios, where malicious attachments could reach multiple victims simultaneously. Users of WhatsApp for Windows are strongly encouraged to update their applications immediately to version 2.2450.6 or later, which addresses the spoofing vulnerability. A cybercriminal could send what appears to be a standard image file within WhatsApp, but the attachment might actually have an executable extension.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 08 Apr 2025 05:50:14 +0000