Do you use WhatsApp? If so, you need to be especially careful right now because there’s a security vulnerability in the Windows version—which many people still use every day—that can infect your PC with malware. WhatsApp has issued a security alert about the vulnerability, which is listed as CVE-2025-30401.
By exploiting this vulnerability, malicious actors can use attachments in MIME format (Multipurpose Internet Mail Extensions)—a format the desktop version uses by default—to inject malware on PCs. The theft of sensitive data is also possible with this method.
The risk of an attack that takes advantage of this flaw is relatively high, but an affected user must first interact with the MIME attachment for it to be actively exploited. Nevertheless, you should always be careful when receiving WhatsApp messages from people you don’t know, especially when they contain unsolicited attachments.
Dangerous attachments are often disguised as harmless image files—and with one careless click, malware can be activated.
Update your WhatsApp now
If you currently have WhatsApp for Windows installed on your PC, you should update to version 2.2450.6 (via the Microsoft Store) as soon as possible. In this version, the security vulnerability has been fixed and can no longer be actively exploited by attackers.
The normal WhatsApp app for Android and iOS devices is NOT affected by this issue, as the MIME format is only used for delivering content in the PC version of WhatsApp.
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.
