A newly discovered security flaw in WhatsApp's Windows client could allow attackers to deliver malware through deceptive file attachments, Meta announced recently. The vulnerability, tracked as CVE-2025-30401, affects all WhatsApp for Windows versions before v2.2450.6.
The security issue stems from how WhatsApp handles attachments on Windows devices. The application displays attachments based on their MIME type (which indicates the kind of file it is) but processes them according to their filename extension when opened. This mismatch creates an opportunity for attackers to disguise malicious code as harmless files.
For example, a malicious actor could send what appears to be an innocent image file that actually contains harmful executable code. When the unsuspecting recipient opens the attachment, they may unknowingly run malware on their system instead of viewing the expected image.
The vulnerability was identified through Meta's bug bounty program by an external researcher. While there are no reported cases of active exploitation, security experts warn that this flaw could be particularly attractive to cybercriminals distributing malware and spyware.
Only the Windows desktop version of WhatsApp is affected by this vulnerability - Android and iOS users are not at risk since their apps handle attachments differently.
Meta strongly recommends that all WhatsApp for Windows users immediately update their application to version 2.2450.6 or later through the Microsoft Store to protect themselves from potential attacks. Users should also exercise caution when opening attachments, particularly from unknown senders.
The discovery highlights the ongoing importance of prompt security updates and careful handling of message attachments in popular messaging platforms.