A recent security advisory from Facebook Security highlights a spoofing vulnerability tracked as CVE-2025-30401 affecting WhatsApp for Windows. The flaw could have allowed hackers to send malicious attachments to unsuspecting users. These files would appear harmless at first but could run malicious code if opened within the WhatsApp app.
This vulnerability impacts all versions before 2.2450.6 and poses a major risk to users who frequently interact with file attachments through WhatsApp for Windows. In plain terms, the issue comes down to a mismatch in how WhatsApp for Windows handled attachments.
WhatsApp would show users the attachment based on what it claimed to be, like a picture or a document, using its MIME type. But when they clicked to open it inside WhatsApp, the app would choose what program to launch based on the file’s extension (like .jpg or .exe), not what it said it was.
Imagine someone sends you a file named “image.jpg.exe”. WhatsApp might show it as a picture because the MIME type says it’s an image. But if you clicked to open it inside the app, WhatsApp would notice the “.exe” ending and open it like an actual program. That means a harmless-looking file could end up running malicious code without the user realizing anything was wrong.
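The core of the bug is that two different properties of the same attachment (the declared MIME type and the filename extension) were consulted by two different code paths. A defender-side check that refuses to treat the two as independent is straightforward. The Python below is an added illustration, not WhatsApp’s code or the patched logic: it derives the extensions that a declared MIME type should carry (via the standard `mimetypes` module), compares them with the extension Windows would actually act on, and flags executable endings and deceptive double extensions such as `image.jpg.exe`. The `EXECUTABLE_EXTENSIONS` set and the sample attachment records are constructed for this example and are not exhaustive.

```python
import mimetypes
import os

# Constructed, non-exhaustive sample of extensions that Windows will execute
# directly when "opened"; a real deployment would maintain a fuller list.
EXECUTABLE_EXTENSIONS = {
    ".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".msi",
    ".ps1", ".js", ".jse", ".vbs", ".vbe", ".hta", ".wsf",
}


def normalize_name(filename: str) -> str:
    """Windows ignores trailing dots and spaces in file names, so strip them
    before looking at the extension; otherwise "image.jpg.exe ." would slip
    past a naive check while still launching as a program."""
    return filename.rstrip(" .")


def effective_extension(filename: str) -> str:
    """The extension the OS will actually dispatch on (the last one)."""
    return os.path.splitext(normalize_name(filename))[1].lower()


def extensions_for_mime(declared_mime: str) -> set[str]:
    """All extensions that the declared MIME type legitimately maps to."""
    return {e.lower() for e in mimetypes.guess_all_extensions(declared_mime, strict=False)}


def classify_attachment(filename: str, declared_mime: str) -> list[str]:
    """Return a list of findings for one attachment; empty means consistent."""
    findings = []
    name = normalize_name(filename)
    ext = effective_extension(name)
    expected = extensions_for_mime(declared_mime)

    # 1. The name ends in something Windows will execute, whatever the MIME type says.
    if ext in EXECUTABLE_EXTENSIONS:
        findings.append("executable-extension")

    # 2. The extension the OS acts on is not one the declared type should carry.
    if expected and ext not in expected:
        findings.append("mime-extension-mismatch")

    # 3. A benign-looking inner extension that matches the declared type,
    #    followed by a different outer one: the "image.jpg.exe" pattern.
    stem = os.path.splitext(name)[0]
    inner = os.path.splitext(stem)[1].lower()
    if inner and inner in expected and ext not in expected:
        findings.append("double-extension")

    return findings


def should_open_inline(filename: str, declared_mime: str) -> bool:
    """Policy: only hand the file to a viewer when its presentation (MIME type)
    and its dispatch key (extension) agree and neither points at an executable."""
    return classify_attachment(filename, declared_mime) == []


# Constructed sample attachment records: (filename, declared MIME type).
SAMPLE_ATTACHMENTS = [
    ("photo.jpg", "image/jpeg"),
    ("report.pdf", "application/pdf"),
    ("image.jpg.exe", "image/jpeg"),
    ("invoice.pdf.scr", "application/pdf"),
    ("notes.txt", "image/png"),
]

if __name__ == "__main__":
    for name, mime in SAMPLE_ATTACHMENTS:
        verdict = "open" if should_open_inline(name, mime) else "block"
        print(f"{name:18} {mime:18} {verdict:6} {classify_attachment(name, mime)}")
```

The important design choice is that the decision to open is made once, from both properties together, rather than letting the renderer trust the MIME type and the launcher trust the extension separately.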
Nico Chiaraviglio, Chief Scientist at Zimperium, a mobile security solutions provider, pointed out that this vulnerability highlights a bigger problem: attachments are still a super common way for bad guys to deliver viruses, spyware and other malicious content.
Chiaraviglio recommends a layered defense strategy to mitigate such risks. This includes attachment scanning to detect potentially harmful files, behavioral analysis to identify suspicious activities, and user education to raise awareness about the dangers of opening unsolicited file attachments.
“This vulnerability highlights a broader issue that applies across all platforms: attachments remain one of the most common vectors for delivering malicious content. While this specific case involves WhatsApp for Windows, mobile platforms are not exempt,” explained Chiaraviglio.
“Attackers regularly leverage file attachments to bypass user trust and deliver malware, phishing payloads, or exploit vulnerabilities. Security teams should adopt a layered defense strategy, including attachment scanning, behavioral analysis, and user education across both desktop and mobile environments,” he advised.
The good news is that WhatsApp has fixed this issue. If you’re using WhatsApp Desktop on Windows, make sure you’re on version 2.2450.6 or later. If not, update it pronto!