Signal denies claims of an alleged zero-day flaw in its platform
2023-10-16 21:18:5 Author: securityaffairs.com(查看原文) 阅读量:9 收藏

Signal denies claims of an alleged zero-day flaw in its platform

Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation.

The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. The company launched an investigation into the claims after they have seen the vague viral reports alleging a zero-day vulnerability.

“PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability. After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels.” reads the tweet published by the company.

PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability.

After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels.

— Signal (@signalapp) October 16, 2023

The company also added that it has checked with the U.S. Government to determine if they were aware of a zero-day exploit for their platform.

We also checked with people across US Government, since the copy-paste report claimed USG as a source. Those we spoke to have no info suggesting this is a valid claim.

We take reports to [email protected] very seriously, and invite those with real info to share it there. 2/

— Signal (@signalapp) October 16, 2023

Rumors circulated over the weekend about a zero-day flaw in the Signal platform that could be exploited to take over the target device. Some researchers reported that the flaw affected the link preview feature of the mobile app and urged users to disable it. Researchers fear that commercial surveillance vendors could be aware of a zero-day vulnerability in the Signal app that allowed their spyware to completely control the target devices.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Signal)




文章来源: https://securityaffairs.com/152539/hacking/signal-denies-0day-claims.html
如有侵权请联系:admin#unsafe.sh