If you’re in the habit of opening MP4 files sent to you on messaging apps, you may want to stop that careless habit or you may face having someone have control of your phone. That’s one of the things that WhatsApp users are facing as a “specially crafted” MP4 bug is being used by hackers to have access and control over someone’s smartphone. Fortunately, Facebook has been able to create a patch to fight this, but it’s not yet rolling out to all users.
The ones that are affected are mostly those who were carrying older versions of WhatsApp. So even if you don’t have the patch yet but you’re running a version of the app that’s older than 2.19.274, you may want to update it to a newer version. This is not just to protect yourself from the MP4 bug but also to make sure you’re enjoying the messaging app as you’re supposed to. Other affected users include those running the following:
• iOS versions prior to 2.19.100
• Enterprise Client versions prior to 2.25.3
• Business for Android versions prior to 2.19.104
• Business for iOS versions prior to 2.19.100
• Windows Phone versions before and including 2.18.368
A statement released by Facebook confirms that the issue was seen “parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.” The result may be your app and device will crash, exit, or restart or it will affect your resource consumption, both CPU and memory. Worse, it may let hackers have access to your device and do whatever nefarious task they’re trying to do even though currently they have not detected anything like this used in a widespread manner.
The patch has been released by Facebook but is not yet available for all users as they’re still rolling it out. In any case you should just update to the latest version to be sure and you should also stop opening suspicious-looking MP4 files sent to you.