Security researchers have discovered a severe vulnerability in Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on recipients system just by sending a message without requiring any user interaction. The Open Whisper Systems has already released new versions of Signal app within a few hours after receiving the responsible vulnerability disclosure by the researcher. The primary vulnerability that triggers the code execution has been patched in Signal stable release version 1.10.1 and pre-release version 111.11.0-beta.3.
Source: https://thehackernews.com/2018/05/signal-messenger-vulnerability.html