Cybersecurity researchers believe that a vulnerability unearthed within Facebook’s Messenger app for Windows has enabled crooks to execute malicious files on PCs. The vulnerability was found in Messenger version 460.16 and was quickly patched after researchers from Reason Cybersecurity shared their troubling findings with Facebook in April.
Researchers have now published their findings. And those who haven’t updated their messaging app from the Windows Store should quickly download the latest version to ensure they’re safe from cybercrooks.
According to the research, the vulnerable Facebook Messenger app triggers a call to load Windows Powershell, which can be leveraged to execute the malware on the system. Since the targeted directory is also in a low-integrity location, malicious programs could access the path without administrator privileges – incredibly worrying as family PCs could be hijacked by children’s accounts with restrictions simply by talking with friends on Facebook Messenger.
Thankfully, Reason Cybersecurity hasn’t discovered evidence of criminals using the exploit to attack Windows PCs in the wild. So, at the moment, the threat is merely academic.
However, exploits like this can be used to maintain access to PCs for extended periods, the research team have warned. With 1.3 billion active users each month, there are an immense number of people using Facebook Messenger – so it could be a little while before researchers are completely reassured nobody was impacted by this flaw. Of course, that total figure accounts users across all devices, but Windows machines are one of the most popular.
- Facebook redesign is here: How to access all-new look and dark mode
As long as you’re running Facebook Messenger version 480.5 or newer from the Windows Store – that doesn’t matter. Since the flaw has been fixed, your computer will be completely shielded from the flaw.
As millions of people work, study and keep in touch with friends and family from home due to the global coronavirus pandemic, this fix couldn’t have come at a worst time.
Due to strict lockdown across the world, Facebook reported a 50 percent increase in messaging and a 1,000 percent increase in time-in-group in calls with three or more people in March alone.
Source: Read Full Article