Don’t open that file in WhatsApp for Windows just yet – there is no check that it isn’t just a renamed .exe

A bug in WhatsApp for Windows can be exploited to execute malicious code by anyone crafty enough to persuade a user to open a rigged attachment – and, to be fair, it doesn’t take much craft to pull that off.

The spoofing flaw, tracked as CVE-2025-30401, affects all versions of WhatsApp Desktop for Windows prior to 2.2450.6, and stems from a bug in how the app handles file attachments.

Specifically, WhatsApp displays attachments based on their MIME type – the metadata meant to indicate what kind of file it is – but when a user opens the file, the app hands it off based on its filename extension instead. That means something disguised as a harmless image with the right MIME type but ending in .exe could be executed as a program – if the user clicks it.

“A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp,” WhatsApp’s parent company Meta explained in its security advisory.
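As an added example (not code from WhatsApp, Meta or The Register), here is a receiving-side check for the mismatch described above: it works out the extension Windows would act on and compares it with the declared MIME type. The function names, the extension lists and the sample attachments are assumptions made for illustration.

```python
# Assumption: a small, non-exhaustive set of extensions that Windows runs or
# hands to a script host when opened. Extend it for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".msi",
                   ".js", ".vbs", ".ps1", ".hta", ".lnk"}

# Assumption: extensions treated as consistent with each declared MIME type.
MIME_TO_EXTS = {
    "image/jpeg": {".jpg", ".jpeg"},
    "image/png": {".png"},
    "application/pdf": {".pdf"},
    "video/mp4": {".mp4"},
}

def effective_extension(filename):
    """Extension the OS will act on: last component only, lower-cased.

    Win32 path normalisation drops trailing dots and spaces, so
    'a.exe. ' is opened as 'a.exe'; strip them before looking.
    """
    name = filename.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ")
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""

def check_attachment(filename, declared_mime):
    """Return 'executable', 'mismatch', 'unknown' or 'ok'."""
    ext = effective_extension(filename)
    mime = declared_mime.split(";", 1)[0].strip().lower()  # drop parameters
    if ext in EXECUTABLE_EXTS:
        return "executable"   # never open, whatever the MIME type claims
    allowed = MIME_TO_EXTS.get(mime)
    if allowed is None:
        return "unknown"      # no mapping for this MIME type: decide by policy
    return "ok" if ext in allowed else "mismatch"

# Constructed sample attachments: (filename, declared MIME type).
SAMPLES = [
    ("holiday.jpg.exe", "image/jpeg"),
    ("invoice.pdf.exe. ", "application/pdf"),
    ("photo.JPG", "image/jpeg"),
    ("report.pdf", "image/png"),
]

if __name__ == "__main__":
    for name, mime in SAMPLES:
        print(f"{name!r:22} {mime:18} -> {check_attachment(name, mime)}")
```

The point of the check is that the preview decision and the open decision are made from the same property of the file, so a label shown to the user cannot disagree with the handler that runs.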

[…]

Make sure you’re running a version of WhatsApp for Windows higher than 2.2450.6 to be safe.

[…]

Source: Don’t open that file in WhatsApp for Windows just yet • The Register

Robin Edgar
