A double-free bug could allow an attacker to achieve remote code execution. Users are encouraged to update to a patched version of the messaging app. Facebook has since released an official patch for the app in WhatsApp version 2.19.244, according to the researcher. The flaw is the latest of a flurry of vulnerabilities found in recent months on the app used daily by 300 million people worldwide. In May researchers identified a zero-day flaw that could allow attackers to inject spyware onto user s machines.
Source: https://threatpost.com/whatsapp-flaw-opens-android-devices-to-remote-code-execution/148888/