WhatsApp Patches Severe Vulnerability, Apple Also Addresses Related Issue
WhatsApp has recently patched a serious vulnerability (CVE-2025-55177) that could have been exploited in combination with an Apple OS-level flaw (CVE-2025-43300) to launch highly targeted attacks. Apple has also patched the related issue, which affected its iOS, iPadOS, and macOS products.
The vulnerability in WhatsApp involved incomplete authorization of linked device synchronization messages. When combined with the Apple Image I/O Framework vulnerability, it could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target's device. This unusual interplay between the two vulnerabilities enabled sophisticated attacks against specific targeted users. Neither WhatsApp nor Apple has released technical details about the exploit.
This is not the first time WhatsApp has faced such issues. In 2019, the messaging app was exploited with a zero-day attack by the NSO Group, impacting over 1,400 Apple users. More recently, in January 2023, WhatsApp accused another spyware company, Paragon, of targeting about 90 of its users with spyware.
Apple patched CVE-2025-43300 on August 20, 2023, and WhatsApp patched CVE-2025-55177 on August 23, 2023. Users are urged to update their devices to the latest software versions to ensure their security. While no other third-party companies have been directly linked to this campaign, users should remain vigilant and stay informed about potential security threats.
Read also:
- Pablo Escobar's Former Estate 'Hacienda Nápoles' to Be Transformed by Women's Organization
- Emergency services of the future revealed by Renault with the introduction of the Vision 4Rescue vehicle.
- Compromised Wi-Fi Router Causes Airport Delays, Highlights Aviation Cybersecurity Gaps
- Dortmund Customs Find Wage, Employment, and Benefit Fraud in Hotel and Gastronomy Sector
