Sign up to our free weekly IndyTech newsletter delivered straight to your inbox
Sign up to our free IndyTech newsletter
A potentially disastrous security flaw has been found in WhatsApp, which allowed strangers to see a person's personal files.
The exploit would have let someone see the information on a person's computer if they sent them a malicious link, security researchers said.
The bug has since been fixed and is not thought to have been exploited.
If someone was attacked by the bug, they would receive a link that may look legitimate, including the small preview that shows when someone sends a link on WhatsApp.
But clicking it would have allowed the attacker to exploit a weakness in WhatsApp's Content Security Policy, which allowed users to send manipulated, malicious messages.
Gadget and tech news: In pictures
Show all 25
Once that happened, an attacker would have been able to gain access to the files stored on the person's computer.
The issue affected people who use the desktop version of WhatsApp, which borrows from the mobile version of the app.
The bug has been fixed in recent updates, and users have been warned to make sure that everything they are using to chat on WhatsApp – the phone app, as well as the one being used on the desktop – should be updated to avoid any issues.
“We regularly work with leading security researchers to stay ahead of potential threats to our users," a WhatsApp spokesperson said. "In this case, we fixed an issue that in theory could have impacted iPhone users that clicked on a malicious link while using WhatsApp on their desktop.
"The bug was promptly fixed and has been applied since mid December.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies