09-04-2025
New WhatsApp Warning—Update Now To Fix Security Flaw
WhatsApp has issued a new warning to update now after fixing a flaw that could allow attackers to ... More plant malware on your device.
WhatsApp has issued a new warning to update now after fixing a flaw that could allow attackers to plant malware on your device. Tracked as CVE-2025-30401, the spoofing issue could see adversaries deploy malware via an attachment such as an image.
The vulnerability, which affects WhatsApp for Windows Desktop prior to 2.2450.6, impacts users interacting with attachments sent through the platform. The spoofing issue stems from a fundamental flaw in how WhatsApp for Windows processes file attachments.
'A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp,' WhatsApp owner Meta said in a security advisory.
WhatsApp has come under fire recently after adding an AI assistant to the app that can't be removed. The latest warning is a reminder that WhatsApp's billions of users that the app is increasingly targeted by cyber attackers keen to take advantage of its customer base.
I contacted WhatsApp owner Meta for a statement and will update this article if the firm responds.
There's no doubt about it, the WhatsApp flaw is nasty, making it important you update as soon as you can. Adam Brown, managing security consultant at Black Duck calls the new WhatsApp flaw 'a particularly nasty vulnerability for the everyday user.'
The WhatsApp issue would allow a malicious program to easily be disguised as an attached image file, Brown says. 'When the user clicks on the attachment in WhatsApp Web for Windows, the program executes on their Windows machine. A malicious attachment could be used for data theft, running malware or spreading it, account and identity theft, or anything a nefarious actor chooses.'
Everyone should be careful when clicking on attachments — even from people they know — and Windows users of WhatsApp should be especially vigilant, says Brown.
Windows WhatsApp users should upgrade to version 2.2450.6 or later to fix the issue.
The vulnerability must not be taken lightly and users should update their software to the newest version now, says Dr Martin Kraemer, security awareness advocate at KnowBe4.
He advises people to be extremely careful when opening attachments or files. 'Think of WhatsApp the same way as email. You would not want to open an unexpected email attachment, especially not from someone you do not know. You also would not want to forward attachments that pose risks to friends or family. If in doubt, delete the message and file.'
So if you use WhatsApp on your Windows device, it's time to update it now. Meanwhile, always be careful what you click on, whether via WhatsApp, email, or another app, and only open images and files from people you trust.
