A vulnerability was discovered in the Signal messaging app in Windows and Linux platforms capable of remote code execution.
Only in April 2018, a screen lock bypass in Signal app for iOS was discovered which could let anyone bypass the app screen lock within seconds and in a few taps
Signal is an encrypted messaging application for Android and iOS, as well as a desktop version for multiple platforms. It uses the Internet to send one-to-one and group messages, which can include files, voice notes, images and videos, and make one-to-one voice and video calls.
However, details of the vulnerability are yet to be disclosed publicly. Security researchers worry that the vulnerability might be based from the Electron framework, a framework which Signal and many other apps such as Skype and Wordpress utilize. Hence, a flaw in the Electron framework might also compromise other apps apart from Signal.
Fortunately, the vulnerability has already been fixed in the latest Signal updates.
Despite the vulnerability being fixed immediately by Signal, the details of the vulnerability should be closely monitored to check whether there are other platforms affected by the same.
Signal has been found to contain numerous bugs since the start of 2018, and it is advisable for users to refrain from communicating sensitive information through the said messaging app to prevent unwanted security issues.