A vulnerability in WhatsApp for Windows, identified as CVE-2025-30401, can be exploited to execute malicious code through manipulated attachments if the user is tricked into opening them. The issue affects all versions of WhatsApp Desktop prior to version 2.2450.6 and stems from an error in how the application handles file attachments.
The flaw involves displaying attachments based on their MIME type — which represents the file type — while file opening is determined by the file name extension. As a result, a file with an innocuous MIME type but an .exe extension can be executed as a program if the user clicks on it. According to Meta, the company behind WhatsApp, this inconsistency can lead to the inadvertent execution of arbitrary code when manually opening an attachment in the app.
Although exploiting the vulnerability requires user interaction — such as opening the malicious attachment — social engineering can make this easier, especially in group chats where messages may appear trustworthy. To reduce the risk, users are advised to update WhatsApp to version 2.2450.6 or later.
Security experts warn that this flaw could be exploited for data theft, malware execution, identity theft, and other malicious activities. It is essential that users exercise caution when opening attachments, even from known contacts — particularly WhatsApp users on Windows.
This post was translated and summarized from its original version using ChatGPT version 4.0, with human review.
Source: The Register.