WhatsApp Zero-Click Vulnerability: Urgent Update Required
Meta is distributing updates for various WhatsApp clients because attackers successfully injected code without any user interaction. the vulnerability in the messenger exploits a bug in the authorization process on certain iPhones, iPads, and macOS computers during automatic message synchronization. Registered as CVE-2025-55177, it can be exploited alongside operating system vulnerabilities to install spyware through a malicious URL. Apple device users don’t need to click or tap anything for this attack to work – itS a zero-click exploit.
Specifically, the affected versions are WhatsApp for iOS version 2.25.21.73 or older,WhatsApp Business for iOS version 2.25.21.78, and WhatsApp for Mac version 2.25.21.78 or older. Update instantly.
This exploit can be used in conjunction with the previously known vulnerability CVE-2025-55177 (EUVD-2025-26214 – CVSS 8.0,rated as “high” risk). The vulnerability in the operating systems allows for remote code execution. Updating both WhatsApp and your device’s operating system is crucial for protection.
Key Takeaways
- Zero-Click Exploit: This vulnerability doesn’t require any action from the user, making it particularly perilous.
- Affected Platforms: iPhones, iPads, and macOS computers running older versions of WhatsApp are at risk.
- Immediate Action Required: Update WhatsApp to the latest version (2.25.21.74 or newer for iOS,and newer than 2.25.21.78 for Mac) as soon as possible.
- OS Updates Matter: Ensure your Apple device’s operating system is also up-to-date to address related vulnerabilities.
- CVE Details: The vulnerability is tracked as CVE-2025-55177 and is linked to EUVD-2025-26214.
FAQ
- What does “zero-click” mean?
- A zero-click exploit means an attacker can compromise a device without requiring the user to open a link, file, or take any other action. The attack happens automatically in the background.
- How can I check my WhatsApp version?
- On iOS: Open WhatsApp > Settings > About. The version number will be displayed. On Mac: Open whatsapp > WhatsApp > About WhatsApp.
- Is my data at risk if I don’t update?
- Yes. Attackers could perhaps install spyware on your device, gaining access to your messages, calls, photos, and other sensitive details.
- What should I do if I suspect I’ve been compromised?
- update WhatsApp and your operating system immediately. Consider performing a full device reset as a precaution, but back up your important data first.