A recently discovered vulnerability, tracked as CVE-2025-30401, affected WhatsApp Desktop for Windows. The flaw was a spoofing issue: the application displayed attachments according to their MIME type but opened them with the system handler associated with the file extension. This allowed an attacker to craft a malicious file whose MIME type and extension did not match, tricking users into executing harmful code.
For example, an attachment could appear as an image or document in WhatsApp but actually be an executable file that runs when the user opens it manually within the app. This poses a serious risk to WhatsApp users, who might inadvertently run malicious code while believing they are opening a harmless file.
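The mismatch described above can be checked on the receiving side before a file is handed to the operating system. The following Python example is added here and is not WhatsApp's code or its fix; the function names, verdict labels and the small MIME and extension tables are assumptions, and the sample inputs are constructed.

```python
import os

# Illustrative, non-exhaustive tables (assumptions for this example).
MIME_EXTENSIONS = {
    "image/jpeg": {".jpg", ".jpeg"},
    "image/png": {".png"},
    "application/pdf": {".pdf"},
    "video/mp4": {".mp4"},
}
# Extensions that Windows passes to a loader or script host when opened.
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi",
                         ".ps1", ".vbs", ".js", ".hta", ".lnk", ".pif"}

def effective_extension(filename):
    """Extension the Windows shell acts on: the last suffix, lowercased,
    after dropping trailing dots and spaces, which Windows ignores."""
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ")
    return os.path.splitext(name)[1].lower()

def check_attachment(declared_mime, filename):
    """Return (verdict, reason) for one attachment's metadata."""
    mime = declared_mime.split(";")[0].strip().lower()
    ext = effective_extension(filename)
    if ext in EXECUTABLE_EXTENSIONS:
        if mime in MIME_EXTENSIONS:
            # Preview says "image/document", handler says "run this".
            return "block", f"{mime} preview but {ext} opens as code"
        return "warn", f"executable extension {ext}"
    allowed = MIME_EXTENSIONS.get(mime)
    if allowed is None:
        return "warn", f"unknown MIME type {mime}"
    if ext not in allowed:
        return "warn", f"{ext or 'no extension'} does not match {mime}"
    return "allow", "MIME type and extension agree"

# Constructed sample metadata, not taken from any real message.
SAMPLES = [
    ("image/jpeg", "holiday.jpg"),
    ("image/jpeg", "holiday.jpg.exe"),
    ("application/pdf", "invoice.PDF"),
    ("image/png; charset=binary", "chart.png.scr. "),
    ("image/png", "chart.pdf"),
]

if __name__ == "__main__":
    for mime, name in SAMPLES:
        print(f"{name!r:24} {mime:28} -> {check_attachment(mime, name)}")
```

The check keys on the last suffix because that is what selects the handler, so a double extension such as `holiday.jpg.exe` is judged as `.exe`.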
The vulnerability impacted all WhatsApp Desktop versions for Windows before 2.2450.6. Users are urged to update to the latest version to protect against potential exploits. Although this flaw is now patched, it should be noted that WhatsApp zero-day vulnerabilities have previously been exploited by spyware tools, most notably in the case involving the Pegasus spyware developed by NSO Group.
