According to Software Engineer Alon Gat and Yair Amit, Vice-President and Chief Technology Officer, Modern OS Security, Symantec, “If the security flaw is exploited, a malicious attacker could misuse and manipulate sensitive information such as personal photos and videos, corporate documents, invoices, and voice memos.”
What this means is that in theory, hackers could potentially intercept media files sent and received, manipulate them, such as changing the bank account number on an invoice, and the recipient will never be the wiser. This can be achieved through an app that runs silently in the background without the user knowing about it.
In response to the report, a WhatsApp spokesperson told The Verge, “WhatsApp has looked closely at this issue and it’s similar to previous questions about mobile device storage impacting the app ecosystem. WhatsApp follows current best practices provided by operating systems for media storage and looks forward to providing updates in line with Android’s ongoing development.”