![[The AI Show Episode 143]: ChatGPT Revenue Surge, New AGI Timelines, Amazon’s AI Agent, Claude for Education, Model Context Protocol & LLMs Pass the Turing Test](https://www.marketingaiinstitute.com/hubfs/ep%20143%20cover.png)
![Why modern UI is rarely written in C++? [closed]](https://cdn.sstatic.net/Sites/softwareengineering/Img/apple-touch-icon@2.png?v=1ef7363febba)
![From Accountant to Data Engineer with Alyson La [Podcast #168]](https://cdn.hashnode.com/res/hashnode/image/upload/v1744420903260/fae4b593-d653-41eb-b70b-031591aa2f35.png?#)
.png?#)
![Pixel 9a vs. Pixel 8a: The A-series is all grown up [Video]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2025/04/Pixel-8a-and-Pixel-9a-wide.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1){kind=tracking}
![Apple Posts Full First Episode of 'Your Friends & Neighbors' on YouTube [Video]](https://www.iclarified.com/images/news/96990/96990/96990-640.jpg)
![Apple May Implement Global iPhone Price Increases to Mitigate Tariff Impacts [Report]](https://www.iclarified.com/images/news/96987/96987/96987-640.jpg)
WhatsApp for Windows vulnerable to attacks. Update now!
If you use WhatsApp for Windows, you'll want to make sure you're on the latest version.
In a security advisory, Meta has disclosed a vulnerability that allowed an attacker to run arbitrary code on a user’s system that existed in all WhatsApp versions before 2.2450.6.
WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop versions of WhatsApp are generally used as extensions of mobile apps rather than primary platforms. So, while wide usage of these apps exists, their adoption rate lies likely significantly lower when compared to mobile platforms.
WhatsApp has over 3.14 billion monthly active users as of January 2025, with 73% using Android and 22% using iOS. Using WhatsApp on your desktop offers some advantages that users might appreciate. My excuse is that I can type faster on my laptop and I can make better screenshots of my conversations.
If you use WhatsApp for Windows, you should update as soon as you can.
How to update WhatsApp for Windows
You can find the current version of your WhatsApp for Windows by clicking on the Settings (gear symbol) > Help.
If your version number is lower than 2.2450.6, install a new version by following these steps:
- Click the Start menu and search for Microsoft Store to open it.
- In the Microsoft Store, click on Library located at the bottom left corner.
- Scroll through the list or use the search bar to find WhatsApp Desktop.
- Click on Get Updates or look for an Update button next to WhatsApp Desktop. If an update is available, it will appear here.
- Click the Update button to download and install the latest version of WhatsApp Desktop.
- Once the update is complete, restart the application to ensure all changes are applied.
My WhatsApp was already up to date because I have automatic updates turned on. This is how Microsoft Store on Windows can automatically install app updates.
- Select Start, then search for and select Microsoft Store.
- In the Microsoft Store app, select Profile (your account picture) > Settings.
- Make sure App updates is turned On.
The vulnerability
The vulnerability tracked as CVE-2025-30401 is described by Meta as:
“A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp.”
In other words, it was possible for a sender to disguise the true nature of their attachment by changing the file extension to something harmless, like a jpeg, when in reality it was a malicious file that would be opened with the program the receiver had set as default for such a file.
In the past we’ve seen this used against users that have Python installed on their systems. People were sent a python or php script as an attachment which would get executed without any warning if the receiver opened them.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
