![]() WhatsApp may be crashing on your Mac due to some background processes or activities interfering with it. If you’re dealing with the latter problem, here are some of the best ways to fix the WhatsApp needs to restart on Mac. Other times, WhatsApp Web notifications may not work or the app might just keep restarting on a Mac. Like every piece of software, WhatsApp does carry a fair share of bugs and issues, especially when used on the web or a computer.Īt times, WhatsApp Web may stop working entirely or may open but not sync your messages in real-time. ![]() The moral of the story: keep your apps and devices updated.While WhatsApp may not offer as many features as Telegram or some other instant messaging apps, it’s one of the most widely-used apps. This works for WhatsApp Windows Desktop/Mac Desktop.Įarlier today, we reported on a Philips Hue vulnerability which would not only allow an attacker to control your bulbs but potentially gain access to your whole network. This vulnerability was found when Chrome/78 was the stable version! A few versions before Chrome/78, the ability to use the javascript: trick was patched, and if WhatsApp would have updated their Electron web application from 4.1.4 to the latest which was 7.x.x at the time this vulnerability was found(!) – this XSS would never have existed!Īnd even worse – Since Chromium 69 is relatively old, exploiting a 1-day RCE is possible! There are more than 5 different 1-day RCEs in Chromium 69 or higher, you just need to find a published one and use it through the persistent XSS found earlier and BAM: Remote Code Execution ACHIEVED! That’s right – Chrome/69 – the latest version of the WhatsApp desktop applications provided by WhatsApp is Chrome/69 based. That means my XSS works since this is – after all – a variant of Chromium! Electron constantly updates along with the platform it is based on: Chromium. This makes things super easy for a lot of big companies since it allows them to have one source code for both their web applications and native desktop applications. Electron is a cool platform that lets you create “native” applications using standard web features. These types of applications are written using Electron. He was then able to get that malicious code to read files from either a Windows PC or a Mac. The actual exploit is pretty involved, but the bottom line is that it’s possible for an innocent-looking link in a WhatsApp message to invisibly redirect people to a malicious website and then run some Javascript code to execute code. If you can mess with text, why not do the same with a link? There’s no fix available for that, which is what got Weizman thinking. It built on an earlier issue in which replies could fake the original text…Ī threat actor may use the “quote” feature in a group conversation to change the identity of the sender, even if that person is not a member of the group, as well as the text of someone else’s reply, essentially putting words in their mouth. The vulnerability was discovered by security researcher Gal Weizman. If you use WhatsApp on Mac, you’ll want to make sure the desktop app has been updated to the current version, 0.4.316. ![]() Screengrab is for Windows, but the same thing works on Macs
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |