Among all the messaging apps in India, WhatsApp is the most popular, as people from diverse age groups use it regularly. The main reasons that contribute to its dominance over other messaging apps like Telegram are its easy-to-use interface, free audio and video calls, and other features. However, not just for users, WhatsApp has become the favorite messaging app for scammers as well.

CERT-In (Indian Computer Emergency Team) has recently issued a severe security warning to WhatsApp users, especially those who use it on Windows. The agency was formed in 2004 with a vision to guarantee secure Indian cyber space. On April 9, 2025, CERT-In’s WhatsApp vulnerability alert was issued to those users who have installed this messaging app for Windows desktops.

The government organisation has warned them that a vulnerability might compromise their system’s security and allow attackers to perform spoofing attacks and run unauthorized codes. The WhatsApp security warning from CERT-In has brought unwanted attention to this messaging app with over 400 million active users.

CERT-In’s High-Severity Warning: Devices Affected

According to CERT-In, users who use WhatsApp on their Windows Desktop with an earlier version than 2.2450.6 will be affected by this vulnerability. The agency clarified that this vulnerability issue has arisen from MIME type and file extension misconfigurations, which can result in the improper handling of attachments.

If any WhatsApp Windows Desktop user accidentally opens a harmful file sent through the app, this vulnerability issue will grant permission to the attackers to run unauthorized codes or manipulate their system. This issue has been classified as high-severity by the agency, as it can provide complete control or unauthorized access of the affected device. It is listed as CVE-2025-30401 and impacts those desktop users who heavily depend on this messaging app for calls, media sharing, messaging, etc.

What The CERT-In Said on WhatsApp Security Warning:

According to the cybersecurity government agency, the vulnerability issue may result in data theft, spoofing, or even full control of the affected device. Attackers can remotely take advantage of this flaw by sending attachments to Windows Desktop WhatsApp users. When these are manually opened within the app, they can cause a vulnerability issue to occur. Highlighting the excessive dependency on WhatsApp for both personal and professional communication, the authority has urged users to take the software misconfiguration warning seriously.

What WhatsApp Users Should Do Right Now:

If you have a Windows PC and have the WhatsApp Desktop app installed on it, it must be your priority to check the app’s version. If the latest update is available, it is best to install it, which will resolve the security flaw. Additionally, you can visit WhatsApp’s official page and review the published security advisory or update to fix this flaw.

Apart from updating to the latest available version, users can safeguard their system and data by not opening suspicious file links or attachments, even from known contacts. Through good and strong cybersecurity habits and regularly monitoring new software updates, users can secure themselves from evolving security risks in the future.