After reports last month that Apple had pushed out iOS 18.6.2 to fix a major software bug, it has now been confirmed that the risks were directly associated with popular messaging service WhatsApp. The Meta-owned chat app has now released its own update to fix the bug that has affected iPhones, iPads and Macs.

WhatsApp released a free update for iPhone users that fixes a bug related to anyone using WhatsApp group chats. The flaw in the service is referred to as a “zero-click” vulnerability, which means it doesn’t require any direct interaction from the user, such as clicking a dodgy link, for sensitive device and app data to be accessed.

“We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users”, WhatsApp said.

A security expert is now urging all iPhone users with WhatsApp installed to update the app to the latest version to avoid the risk of being targeted by cyber criminals.

“WhatsApp and Apple devices are some of the most widely used technologies on the planet, especially among senior executives,” said Adam Boynton, Senior Security Strategy Manager EMEIA at security firm Jamf.

“That popularity makes them prime targets. Attackers know that if they can find a way in, the payoff is huge. It is why we see significant investment from adversaries in uncovering zero-click vulnerabilities like this one.”

The Hacker News reported WhatsApp confirming less than 200 WhatsApp users had been notified that they may have been targeted by criminals in relation to the app flaw.

Though instances of the bug being used to gain access to people’s iPhones appear to be very limited, Boynton advises always keeping your WhatsApp app up to date with the latest version from Meta.

“The objective is rarely just the initial compromise. Exploits of this kind are often a launchpad for extracting sensitive data, harvesting credentials, eavesdropping on conversations, or even staging a ransomware attack further down the line.

“This is why patching apps and keeping operating systems up to date is so critical. Apple does an excellent job of making security updates widely available and easy to apply, but organisations must ensure those updates are adopted quickly and consistently.”

WhatsApp remains an incredibly popular messaging app in the UK, with millions of users. It has, anecdotally, replaced traditional SMS text messaging as the go-to smartphone chat app of choice.

Although this particular bug only affects Apple devices, if you use WhatsApp on an Android phone you should still ensure you have automatic updates enabled so that important fixes are downloaded to your phone regularly.

“The lesson here is clear: do not underestimate the risk because a platform is popular and trusted. For attackers, that popularity is exactly what makes it worth targeting.”