27 C
Jaipur
Sunday, October 25, 2020

Facebook fixes Instagram bug that could turn your phone into spying tool

Must read

Netflix’s Blood of Zeus is no Castlevania, but it should tide you over until season 4

Honestly, I was pretty thrilled when Netflix announced Blood of Zeus. A mature anime miniseries, drawing on Greek mythology, made by the studio behind...

Lenovo Legion Phone Duel, a bizarre new gaming phone, is available to buy now

If you're looking to buy a new gaming phone the Lenovo Legion Phone Duel is out today, and it might be great for the...

Packers vs Texans live stream: how to watch NFL week 7 online from anywhere

The Green Bay Packers roll into week 7 with an impressive 4-1 record and all signs point to that becoming 5-1 after today's game...

Steelers vs Titans live stream: how to watch NFL week 7 online from anywhere

Two of the NFL’s three remaining undefeated teams do battle at Heinz Field today in the pick of week 7's games. After a three-week...

Facebook has patched a critical vulnerability in Instagram that could have given an attacker the ability to take over a victims Instagram account, and turn their phone into a spying tool, simply by sending them a malicious image file. Also Read – FarmVille to be shut down this year; will still be playable until December 31

When the image is saved and opened in the Instagram app, the exploit would give the hacker full access to the victim’s Instagram messages and images, allowing them to post or delete images at will, as well as giving access to the phone’s contacts, camera and location data, according to cyber security researchers at Check Point. Also Read – LinkedIn gets stories, lets users post disappearing videos like Instagram

An attack can be triggered once a malicious image is sent via email or WhatsApp and then saved on a victim’s device. The researchers revealed the critical vulnerability as remote code execution (RCE) that allows an attacker to take over a computer or a server by running arbitrary malicious software (malware). Also Read – Apple to stop charging App Store fees from Facebook till 31 December

“This vulnerability can allow an attacker to perform any action they wish in the Instagram app. Since the Instagram app has very extensive permissions, this may allow an attacker to instantly turn the targeted phone into a perfect spying tool – putting the privacy of millions of users at serious risk,” the cyber security firm revealed in a blog post on Friday.

Instagram is one of the most popular social media platforms globally, with over 100 million photos uploaded every day, and nearly 1 billion monthly active users.

Watch Video: Best Budget Smart TV’s to buy in India

“The vulnerability we found was in the way that Instagram used Mozjpeg– an open source project used by Instagram as its JPEG format image decoder for images uploaded to the service,” the researchers explained.

The company disclosed the findings to Facebook and the Instagram team. Facebook described the vulnerability as an “Integer Overflow leading to Heap Buffer Overflow” and issued a patch to remediate the issue on the newer versions of the Instagram application on all platforms.

“The patch for this vulnerability has already been available for 6 months prior to this publication, giving time to the majority of users to update their Instagram applications, thus mitigating the risk of this vulnerability being exploited,” the researchers informed.

“We strongly encourage all Instagram users to ensure they are using the latest Instagram app version and to update if any new version is available”.

Written with agency inputs





Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Netflix’s Blood of Zeus is no Castlevania, but it should tide you over until season 4

Honestly, I was pretty thrilled when Netflix announced Blood of Zeus. A mature anime miniseries, drawing on Greek mythology, made by the studio behind...

Lenovo Legion Phone Duel, a bizarre new gaming phone, is available to buy now

If you're looking to buy a new gaming phone the Lenovo Legion Phone Duel is out today, and it might be great for the...

Packers vs Texans live stream: how to watch NFL week 7 online from anywhere

The Green Bay Packers roll into week 7 with an impressive 4-1 record and all signs point to that becoming 5-1 after today's game...

Steelers vs Titans live stream: how to watch NFL week 7 online from anywhere

Two of the NFL’s three remaining undefeated teams do battle at Heinz Field today in the pick of week 7's games. After a three-week...

Why a sports watch is a great investment – even if you hate sports

A few days ago, Garmin released its latest feature-packed watch - one designed not for running, boating or driving, but for gaming. The Garmin...