
WhatsApp Desktop Users At Risk of Code Execution Attacks with Python on Windows PCs

WhatsApp Desktop users who have Python installed on their Windows PCs are at risk of arbitrary code execution due to a flaw in how the application handles Python archive files. 

A maliciously crafted .pyz file can be executed with a single click, granting attackers full control over the victim’s system. Meta has yet to classify this behavior as a security vulnerability, leaving millions of users potentially exposed.

Key Takeaways
1. WhatsApp Desktop auto-executes .pyz files on Windows if Python is installed.
2. Meta hasn’t deemed this a security flaw.
3. Users should unregister .pyz or disable Python; Meta needs file checks or warnings.

Malicious .pyz Archive

According to the H4x0r.DZ post on X, a Python archive (.pyz) bundles Python modules and scripts into a single executable file. 

On Windows, double-clicking a .pyz file automatically launches the embedded Python interpreter if Python is installed and registered in the system’s PATHEXT. 

The attacker creates a malicious .pyz file and sends it to the victim through WhatsApp Desktop. WhatsApp Desktop previews the file and then permits “Open” without warning. Windows then runs Python to execute the archive and its payload.

This sequence bypasses typical user safeguards because WhatsApp Desktop does not validate or sandbox file types based on extensions beyond common media and document formats.

https://twitter.com/h4x0r_dz/status/1960012995347808475?ref_src=twsrc%5Etfw

Meta’s Response

A similar vulnerability in Telegram Desktop was discovered earlier this year, where .pyz files also executed automatically, leading to remote code execution. 

Telegram patched the issue by implementing strict file-extension checks and warning dialogs before execution. 

In contrast, Meta maintains that WhatsApp Desktop only handles “safe” desktop artifacts and does not treat Python archives as executable content. 

As a result, no mitigation such as blocking .pyz previews or prompting for confirmation is currently in place.

Security experts recommend immediate measures for both users and Meta:

  • Users should unregister the .pyz extension or, alternatively, uninstall or disable Python if not required.
  • Meta must update WhatsApp Desktop to detect .pyz files, prompt users before opening, or sandbox file handling routines.
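The kind of check the last recommendation describes could look like the sketch below. It is an added example, not code from WhatsApp, Telegram, or the researcher. The function names are hypothetical, and the extension set (.pyz and the windowed variant .pyzw) is an assumption taken from Python's zipapp documentation.

```python
import io
import zipfile
from pathlib import PureWindowsPath

# Assumption: extensions the Python docs list for zipapp archives on Windows.
PY_ARCHIVE_EXTS = {".pyz", ".pyzw"}


def effective_extension(filename: str) -> str:
    """Extension Windows will act on: case-insensitive, trailing dots/spaces dropped."""
    return PureWindowsPath(filename.rstrip(". ")).suffix.lower()


def is_zipapp(data: bytes) -> bool:
    """True for a ZIP (optionally preceded by a '#!' line) that contains __main__.py."""
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return False
    try:
        with zipfile.ZipFile(buf) as zf:
            return "__main__.py" in zf.namelist()
    except zipfile.BadZipFile:
        return False


def open_policy(filename: str, data: bytes) -> tuple[str, str]:
    """Return (action, reason); 'confirm' means prompt before handing the file to the OS."""
    ext = effective_extension(filename)
    if ext in PY_ARCHIVE_EXTS:
        # Extension alone is enough: the file association decides what runs.
        return "confirm", f"extension {ext} is a Python archive type"
    if is_zipapp(data):
        return "confirm", "content is a Python zipapp under another extension"
    return "open", "no Python archive indicators"


def make_sample_zipapp() -> bytes:
    """Constructed, harmless sample: shebang line followed by a ZIP with __main__.py."""
    buf = io.BytesIO()
    buf.write(b"#!/usr/bin/env python3\n")
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("__main__.py", "print('hello from a zipapp')\n")
    return buf.getvalue()


if __name__ == "__main__":
    sample = make_sample_zipapp()
    for name, blob in [("holiday.jpg.PYZ. ", sample), ("bundle.zip", sample),
                       ("notes.txt", b"plain text")]:
        print(name, "->", open_policy(name, blob))
```

The extension test runs first because a file named .pyz is passed to Python whether or not its content is a valid archive, so an empty or malformed .pyz still warrants the prompt.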

Until Meta acknowledges and addresses this flaw, any Windows user with Python installed remains at risk of unsolicited code execution through WhatsApp Desktop. Vigilance and timely patching are essential to safeguard against potential exploitation.

The post WhatsApp Desktop Users At Risk of Code Execution Attacks with Python on Windows PCs appeared first on Cyber Security News.
