Facebook Patches WhatsApp Flaw Exploited to Spy on Users


Facebook has patched a critical zero-day vulnerability in WhatsApp that can and has been exploited to remotely install spyware on phones by calling the targeted device.


The flaw, tracked as CVE-2019-3568, has been described by Facebook as a buffer overflow in the WhatsApp VOIP stack. The security hole allows an attacker to remotely execute arbitrary code by sending specially crafted SRTCP packets to the targeted phone number.


Facebook addressed the vulnerability on Monday with the release of WhatsApp for An ..