WhatsApp users are advised to review their settings and ensure they are using the latest version of the app following the discovery of two security vulnerabilities. These vulnerabilities, affecting media files handling and WhatsApp for Windows, could potentially be exploited by cybercriminals for social engineering attacks, as highlighted by experts at Malwarebytes.
Although the flaws do not currently pose an immediate threat, they could be used to deceive devices into opening content from untrusted sources. Identified as CVE-2026-23866 and CVE-2026-23863, these vulnerabilities were uncovered through Meta’s Bug Bounty program.
WhatsApp has not witnessed any real-world exploitation of these flaws. However, the company, owned by Meta, has released an update and strongly recommends users to verify their settings and ensure their app is up to date for enhanced security.
To safeguard themselves, users are urged to ensure their WhatsApp app is fully updated. Android users can update via the Google Play Store by searching for WhatsApp Messenger and selecting “Update.” iPhone users should update by accessing the App Store, navigating to WhatsApp under their profile icon, and selecting “Update.”
Following the update, users can rest assured that their devices are shielded from potential attacks. Meanwhile, it’s worth noting that older Android devices may face WhatsApp access issues, as WhatsApp plans to discontinue support for devices running versions older than Android 6 starting September 8, 2026, according to WABetaInfo.
Impacted users may receive a notification stating that WhatsApp will cease to function on their devices later in the year. However, the impact is expected to be minimal since Android 6, introduced in 2015, is now rarely found on modern smartphones.