Facebook Messenger Vulnerability
A team of security researchers at Reason Lab, Reason Cybersecurity’s research department, yesterday stated details about a recently discovered vulnerability in the Windows Messenger application.
The specific Messenger version containing the vulnerability is 460.16. The security weakness in the app can be exploited by hackers to open malicious files that are already on the system and thus allow malware to obtain persistence in the system. In other words, the exploitable weakness in Messenger could make it that more difficult to clean your computer from malware threats that have already entered it.
During tests of the 460.16 version of Messenger, the researchers at Reason Lab spotted an unusual call from the app that was trying to load the Powershell.exe file from the directory of Python27. Since access to this directory isn’t limited to only user accounts with Administrative privileges, a malware program could potentially easily access it even if it hasn’t gained Admin rights on the attacked computer. So, if such a call from Messenger to load Powershell.exe gets hijacked by malware, this could allow the malicious program to reroute the call to a non-existent resource, resulting in persistence in the system for the malware program. After that, the malicious software that has successfully invaded your system could carry out different tasks depending on what type of malware it is.
Back in April, the research team notified Facebook about the discovered security flaw and Facebook was quick to patch it up with its next version of Windows Messenger – Messenger 480.5. However, in order for the vulnerability to no longer be present in your Messenger, you need to update the app on your computer to 480.5. Normally, Messenger updates happen automatically so you may already be using 480.5 but it’s worth noting that it sometimes takes a while before automatic updates get downloaded and installed by the system. If you want to be sure that you are running on the latest version, you can uninstall the app and then download it again from Microsoft’s App Store for PCs.
So far, we haven’t read any reports about know malware that exploits this vulnerability in Messenger but it is, obviously, best for the safety of your computer to get the Messenger version where the security weakness has been patched up.
The main reason experts were concerned with this problem has to do with the increased use of Messenger during the lockdown period introduced due to the COVID-19 pandemic. Since people are currently forced to limit their outdoor activities, the use of messaging and social media apps has skyrocketed and a single vulnerability in a major app such as Messenger could potentially mean millions of compromised devices. Fortunately, this vulnerability has been fixed so all that is left now is for users to get the updated version of the app.