A critical security flaw has been identified in the desktop version of Telegram, potentially allowing attackers to execute harmful code through media processing.
CertiK Alert's recent report sheds light on the issue and emphasizes the urgent need for users to disable the auto-download feature to safeguard their accounts.
Learn the simple steps to enhance your Telegram security and stay protected against potential threats.
Disabling the Auto-Download Feature is Recommended
A serious vulnerability exposing users to the risk of attacks has been discovered in the desktop application of Telegram, as revealed by a report from CertiK Alert.
According to the report published by CertiK Alert on April 9, 2024, this vulnerability could potentially lead to remote code execution (RCE) attacks through the processing of media, where users could be targeted via the automatic download of manipulated image and video files.
This vulnerability exists solely in the desktop version of the Telegram application, and the mobile version is not affected due to the requirement for directly executing signed executable programs. However, it is recommended for users of the desktop version to disable the auto-download feature.
Here's how to disable the auto-download function in Telegram:
- Navigate to the “Settings” in the Telegram app.
- Select “Data and Storage” from the settings menu.
- Turn off “Automatic Media Download” to disable all auto-downloads.
Telegram is widely used in the cryptocurrency industry, but there have also been numerous reports of account takeovers and other forms of damage. Users are advised to exercise caution.
-
Telegram Introduces "50% Ad Revenue Sharing" in 100 Countries Using Cryptocurrency TON | Surge in TON Price
Discover how Telegram's new "Telegram Ad Platform" uses Toncoin (TON) to share 50% of ad revenue with channel owners in 100 countries, sparking a 37% surge in TON price.
続きを見る