Facebook launches new website to track vulnerabilities discovered in WhatsApp, collecting already fixed vulnerabilities found in the chat app. The company has already published six previously unpublished vulnerabilities on the site.
With the website, the company is working to make its service improvement processes more transparent. With this, Facebook is responding to a long-standing request from the chat community, as the company said there was a recurring need to create a centralized interface for organizing vulnerabilities. Fixed bugs cannot be reported in detail in the release notes of all patches due to the policies of the app stores that host the apps, most of the time only referred to comprehensively as a “security fix.”
The interface will be updated monthly by the company, and more frequently if necessary, for example in the event of an active attack. The site not only lists recent vulnerabilities, but also archives the bug fixes in WhatsApp and third-party libraries used by the app until 2018.
Among the 2020 vulnerabilities published by arming the security website, several Vulnerability in CVE-2020-1894 could allow potential attackers to execute arbitrary code in an Android and iOS app on WhatsApp and WhatsApp Business with a properly prepared voice message, CVE-2020-1889
The bugs listed on the new page include not only vulnerabilities that have already been exploited by attackers and have been patched, Facebook will post all bugs fixed in the application on the interface. , even if there is no indication of an attack on that bug.
Gellert is Technology Editor at Counting News Media and contributor at other major tech publications. Her interests includes testing new gadgets and reading.