A WhatsApp security vulnerability could allow attackers to crash the iOS app as soon as you answer a call, and could potentially be used to hack your iPhone …

The Register reports that the flaw was reported to WhatsApp in August, and has been patched in the latest version – so you’ll want to check for an update.

Google Project Zero whizkid and Tamagotchi whisperer Natalie Silvanovich discovered and reported the flaw, a memory heap overflow issue, directly to WhatsApp in August. Now that a fix is out, Silvanovich can go public with details on the potentially serious flaw.

According to Silvanovich’s report, the bug is triggered when a user receives a malformed RTP packet, triggering the corruption error and crashing the application. In practice, the malformed packet that triggers the crash could be sent via a simple call request.

“This issue can occur when a WhatsApp user accepts a call from a malicious peer,” Silvanovich explained.

It’s not clear whether the WhatsApp security flaw could be exploited for remote code execution, but this is a possibility, and a sufficient risk for a fellow Google researcher to describe it as ‘a big deal.’

“This is a big deal,” tweeted Travis Ormandy. “Just answering a call from an attacker could completely compromise WhatsApp.”

The same vulnerability was present in the Android app, which has also been patched. The Register says it is still waiting to hear from Google on more details, for example whether the desktop app is similarly affected.

It’s not the first time of late that a WhatsApp security issue has been identified. Back in August, it was discovered that it was possible for an attacker to change both the content and the sender of a WhatsApp message after you’ve received it.

Image: Shutterstock

Check out 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear