{"id":37705,"date":"2025-04-12T00:03:57","date_gmt":"2025-04-11T22:03:57","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=37705"},"modified":"2025-04-11T08:37:11","modified_gmt":"2025-04-11T06:37:11","slug":"windows-pcs-at-risk-from-whatsapp-flaw-cve-2025-30401","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2025\/04\/12\/windows-pcs-at-risk-from-whatsapp-flaw-cve-2025-30401\/","title":{"rendered":"Windows PCs at risk from WhatsApp flaw (CVE-2025-30401)"},"content":{"rendered":"

[German<\/a>]A vulnerability in WhatsApp for Windows (before version 2.2450.6) puts Windows computers at risk. The vulnerability could allow attackers to execute malicious code via WhatsApp message attachments on Windows.<\/p>\n

<\/p>\n

WhatsApp vulnerability CVE-2025-30401<\/h2>\n

The vulnerability CVE-2025-30401<\/a><\/p>\n

relates to a spoofing issue in WhatsApp for Windows prior to version 2.2450.6. These old versions display attachments in WhatsApp messages according to their MIME type. However, the file open handler makes the selection based on the file name extension of the attachment. A malicious attachment could cause the recipient to inadvertently execute arbitrary code when manually opening the attachment in WhatsApp instead of viewing the attachment. There is no evidence of exploitation in the wild.<\/p>\n

\"WhatsApp<\/a><\/p>\n

A few days ago, our colleagues at Bleeping Computer compiled some more information in the article WhatsApp flaw can let attackers run malicious code on Windows PCs<\/a>. In this security advisory<\/a>, Meta warns Windows users about the vulnerability and advises them to urgently update the WhatsApp messaging app for Windows to the latest version.<\/p>\n","protected":false},"excerpt":{"rendered":"

[German]A vulnerability in WhatsApp for Windows (before version 2.2450.6) puts Windows computers at risk. The vulnerability could allow attackers to execute malicious code via WhatsApp message attachments on Windows.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22,2],"tags":[78,69,195,431,194],"class_list":["post-37705","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","category-windows","tag-app","tag-security","tag-update","tag-whatsapp","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=37705"}],"version-history":[{"count":3,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37705\/revisions"}],"predecessor-version":[{"id":37708,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37705\/revisions\/37708"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=37705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=37705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=37705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}