A recent security flaw in the Windows desktop application of the popular messaging platform Telegram has been swiftly addressed by the company. The vulnerability could have been exploited to bypass security warnings and automatically launch Python scripts, potentially putting users at risk.

Rumors began circulating on X and hacking forums about a possible remote code execution vulnerability in Telegram for Windows. While initial claims suggested it was a zero-click flaw, further investigation revealed that the flaw required the user to click on shared media to trigger the exploit.

Telegram initially refuted the reports, labeling them as a hoax, but a proof-of-concept exploit was later shared on a hacking forum. The exploit highlighted a typo in the Telegram source code for Windows that allowed Python scripts with a specific file extension to evade security warnings and execute automatically when clicked.

The flaw could have been particularly dangerous as the malicious files were disguised as shared videos, potentially tricking users into unwittingly launching the harmful scripts. The issue affected a small fraction of users who had Python installed on their devices and clicked on the malicious files.

After being notified of the vulnerability, Telegram promptly addressed the issue with a server-side fix. The fix corrected the file extension typo and prevented Python scripts from automatically launching when clicked. The company also stated that future versions of the app will include a security warning message to provide users with additional protection.
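The failure mode described above, a warning gate driven by an extension blocklist in which one entry is misspelled, can be shown in a short added example. This is not Telegram's code, and the page does not name the affected extension: the lists below are constructed for illustration, using extensions the Windows Python installer associates with the interpreter, and the function names are hypothetical.

```python
# Added example with constructed data; not Telegram's code or lists.
# Reference set: extensions a Windows host may execute on open. The Python
# entries are those the Windows Python installer registers.
KNOWN_EXECUTABLE = {"exe", "bat", "cmd", "msi", "ps1",
                    "py", "pyw", "pyc", "pyz", "pyzw"}

# Constructed blocklist with one transposed entry ("pywz" instead of "pyzw").
RISKY_WITH_TYPO = {"exe", "bat", "cmd", "msi", "ps1",
                   "py", "pyw", "pyc", "pyz", "pywz"}

# Assumed set of types the client opens without a prompt.
SAFE_TO_OPEN = {"jpg", "png", "mp4", "pdf", "txt"}


def extension(filename):
    """Lower-cased final extension without the dot, or '' if there is none."""
    name = filename.rstrip(". ")  # Windows drops trailing dots and spaces
    _, dot, ext = name.rpartition(".")
    return ext.lower() if dot else ""


def warns_blocklist(filename, risky):
    """Fail-open gate: warn only if the extension is listed as risky."""
    return extension(filename) in risky


def warns_allowlist(filename, safe=SAFE_TO_OPEN):
    """Fail-closed gate: warn unless the extension is listed as safe."""
    return extension(filename) not in safe


def lint_blocklist(risky, known=KNOWN_EXECUTABLE):
    """Return (suspects, missing) for a blocklist.

    suspects maps each unknown entry to known extensions made of the same
    letters (a likely transposition); missing lists known extensions that
    the blocklist does not cover.
    """
    suspects = {}
    for entry in sorted(risky - known):
        matches = sorted(k for k in known if sorted(k) == sorted(entry))
        if matches:
            suspects[entry] = matches
    return suspects, sorted(known - risky)


if __name__ == "__main__":
    print(warns_blocklist("notes.pyzw", RISKY_WITH_TYPO))  # gate stays silent
    print(warns_allowlist("notes.pyzw"))                   # gate warns
    print(lint_blocklist(RISKY_WITH_TYPO))
```

A lint step like `lint_blocklist` fits in a unit test or CI job for any client that keeps such a list, so a misspelled entry fails the build instead of silently never matching.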

By swiftly addressing the vulnerability, Telegram has demonstrated its commitment to ensuring the security and privacy of its users. The incident serves as a reminder of the ongoing efforts required to stay ahead of potential security threats in the digital landscape.

Fabio

Full Stack Developer
