The Computer Security Incident Response Team, CSIRT, shares the information realesed by Facebook regarding to a vulnerability present in its WhatsApp messaging client.
A buffer overflow could be activated in WhatsApp by sending a specially designed MP4 file to a WhatsApp user. The problem was present when analyzing the elementary stream metadata of an MP4 file and could result in a DoS (denial of service) or RCE (remote code execution).
Android versions prior to 2.19.274
IOS versions prior to 2.19.100
Enterprise Client versions prior to 2.25.3
Previous and included versions of Windows Phone 2.18.368
Business versions for Android prior to 2.19.104
Business versions for iOS before 2.19.100.
Apply the updates published by the manufacturer, available in the application stores corresponding to each operating system (Google Play, App Store, Microsoft Store)