Ever get a MP4 video file from someone on WhatsApp? Well it’s time to be wary about simply downloading video files from any and everyone. It’s been reported that an MP4 file may use a critical vulnerability to execute snooping attacks on both Android, and iOS devices. The specially crafted MP4 file triggers a remote code execution (RCE) and denial of services (DoS) cyber attack. And as usual, we’re reccomending you update to the latest version of the WhatsApp app to avoid being a victim to this hack.

“The vulnerability is classified as ‘Critical’ severity that affected an unknown code block of the component MP4 File Handler in WhatsApp,” reported gbhackers.com.

Facebook also issued an advisory, where they said:

“A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Windows Phone versions before and including 2.18.368, Business for Android versions prior to 2.19.104, and Business for iOS versions prior to 2.19.100.”

So again, this is the time to be wary. There’s too many things out there that could potentially result in a hack. If you’re a victim, hackers can use the vulnerability to deploy malware on the device, which will gain access to your files, as well as used as a surveillance tool to spy on you. Guess it’s better to be safe, than sorry.