anGadgets : #1 Product, Gadget & High-tech Discovery Platform
WhatsApp for iOS is updated to correct a security flaw
Home » WhatsApp for iOS is updated to correct a security flaw

WhatsApp for iOS is updated to correct a security flaw

In recent days, we have learned that WhatsApp is preparing a function to let us choose when the temporary messages will disappear. At the same time, the messaging platform has introduced the option to play the audios in three speeds to speed up voice messages to 1.5x and 2x.

Now, according to WaBetaInfo, the WhatsApp app for iOS is receiving an important update that corrects a security flaw related to verification code. This error was discovered a long time ago, but it is now that a measure has finally been put in place to fix it.

In-depth comparison of messaging applications on Android: WhatsApp, Telegram, Messenger, Instagram and LINE face to face

From the private WhatsApp directory to the iCloud keychain

WhatsApp has deployed a new update in its version for iOS with the aim of patching a security flaw. The bug, which has been in the app for some time, is related to the two-step verification system, although it wasn’t a visible problem to users.

You have to go back to last year, when a WhatsApp user discovered that the messaging platform was storing the two-step verification code in a plain text file inside the private directory WhatsApp for iOS.

In principle, being in a private directory, other applications should not be able to see or access it. However, it was discovered that by installing malicious third-party apps or taking advantage of arbitrary Safari code execution, it was possible to access without authorization to those private files.

With the new WhatsApp update, the two-step verification code will be more private. With it, a security solution is implemented that transfer verification PIN from the application sandbox to iCloud Keychain, Apple’s private and secure database used by applications to store their sensitive data.

From WaBetaInfo they affirm that WhatsApp had been planning to launch this security solution for a long time, but, for unknown reasons, they have not done so until today. The security patch that fixes the problem is available to all users who have the WhatsApp version for iOS 2.21.80.

In principle, it is a beta version available for beta testers in TestFlight, but WABetaInfo ensures that it is already on its way to the App Store, so it should reach the stable version in the next few hours. The recommendation, obviously, is to install the new update as soon as it is available. In the case of WhatsApp for Android, a similar solution is not necessary because the bug only affected iOS.

Via | WaBetaInfo

Add comment