WhatsApp for Windows Bug Lets Attackers Obfuscate Malware in Attachments

A vulnerability in the Windows WhatsApp client lets threat actors inject dangerous malware into apparently legitimate attachments.

Meta discloses bug in WhatsApp Windows client

Meta is warning WhatsApp users that a spoofing vulnerability could let threat actors cloak malicious code in sent attachments, according to a recent security advisory.

The shortcoming stems from how the WhatsApp for Windows client handles attachments based on file type. When the user tries to open an attachment, the popular messaging app's Windows client looks at the file type and decides how to handle it.

In an attack scenario, a threat actor could append a JPEG extension to an executable file. Upon attempting to view the rogue image file, the recipient could inadvertently launch a malicious executable on its system.

Technical details about the vulnerability

According to the advisory, the vulnerability, tracked as CVE-2025-30401, affects all versions before 2.2450.6.

“A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension,” reads the vulnerability’s description. “A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp.”

Mitigation steps and cyber hygiene tips

All users running WhatsApp Windows on their PCs are advised to update to the latest version of the client to avoid falling prey to a campaign exploiting this vulnerability.

If your WhatsApp for Windows version is 2.2450.6 or earlier, update to the latest version right away.

It is worth noting that the attack involves user interaction, meaning that a maliciously crafted attachment couldn’t affect you if you don’t open it manually. Exercise caution, especially with attachments you receive from unknown senders.

Even a seemingly benign image could host dangerous malware.

Staying safe against rogue attachments and other threats

Specialized software like Bitdefender Ultimate Security can help you thwart threat actors’ efforts to compromise your security through rogue WhatsApp attachments.

It protects your devices from various digital threats, including viruses, worms, Trojans, zero-day exploits, spyware, ransomware, and rootkits.

Its key features include complete real-time data protection, network threat prevention, behavioral detection to monitor active apps, cryptomining protection, web attack prevention, and AI-powered scam detection.