Potential Vulnerability in Telegram Raises Concerns

Saturday, 13 April 2024, 15:59
Blockchain security firm CertiK discovered a critical vulnerability in Telegram's desktop application that could expose users to Remote Code Execution attacks through media files. Despite Telegram's denial, CertiK demonstrated the vulnerability in the latest Windows desktop version, urging users to take caution. Telegram has since made server-side fixes to address similar issues, emphasizing the importance of reviewing settings and deactivating auto-downloads.
https://store.livarava.com/bc816b95-f9af-11ee-a6be-63e1980711b2.jpg
Potential Vulnerability in Telegram Raises Concerns

Alleged Vulnerability on Telegram

CertiK claimed that Telegram's desktop application, particularly its media processing feature, contains a Remote Code Execution (RCE) vulnerability that exposes users to attacks through media files.

The vulnerability only affects desktop apps executing programs in files, with the mobile app remaining unaffected.

Response from Telegram

Telegram refuted CertiK's claims, unable to verify the vulnerability and suggesting it could be misinformation.

Despite this, CertiK performed an RCE attack on Telegram's latest Windows desktop version, confirming the vulnerability and advising users to remain cautious.

Recommendations

  • Review Telegram settings
  • Deactivate auto-download feature

This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.

Related posts

Newsletter

Get the most reliable and up-to-date financial news with our curated selections. Subscribe to our newsletter for convenient access and enhance your analytical work effortlessly.

Subscribe