WhatsApp Flaw Permitted Users to Continuously Access “View Once” Images

Uncategorized Mihnea


**Bug in WhatsApp’s “View Once” Feature Enabled Unlimited Access to Disappearing Media**

WhatsApp presents a capability known as **”View Once”** for occasions when you wish to share a picture or video that disappears after being viewed. The concept is straightforward: once the recipient views the media, it is gone forever. Nevertheless, a newly identified bug — now remedied in the latest iOS version — compromised this feature, enabling users to access “View Once” content multiple times.

### **Understanding the Bug and Its Mechanism**

The vulnerability, initially outlined in a blog entry by cybersecurity expert [Ramshath](https://medium.com/@ramshath1999/how-i-discovered-a-bypass-in-whatsapps-view-once-feature-aea3bdf6405a), was remarkably simple to exploit and necessitated no advanced technical skills. If a “View Once” image or video was sent to you, you could circumvent the disappearing mechanism by going to **Settings > Storage and Data > Manage Storage**. By finding the sender’s chat and sorting the storage by “Newest,” the allegedly disappeared content was still retrievable.

This problem was confined to **iPhone users**, representing a substantial segment of WhatsApp’s audience. Consequently, the bug posed a significant privacy risk for WhatsApp and its parent organization, Meta.

### **Meta’s Acknowledgment and Resolution**

Ramshath relayed the vulnerability to Meta via its bug bounty initiative. The researcher indicated that Meta recognized the problem and confirmed that remediation efforts were already underway. The solution was implemented shortly after in **WhatsApp version 25.2.3 for iOS**. Users are highly urged to upgrade to the most recent version to guarantee that the “View Once” feature operates as it should.

### **Past “View Once” Complications**

This is not the first instance where WhatsApp has encountered difficulties with its “View Once” function. In September 2024, security analysts found that disappearing media could still be retrieved by inputting the exact URL of the media file, as it was inadequately stored on WhatsApp’s servers. That issue, alongside another similar vulnerability, was ultimately resolved.

### **Recommended Actions**

If you are using an iPhone, ensure you update your WhatsApp application to the latest version to protect your privacy and ensure that the “View Once” feature operates correctly. While WhatsApp has dealt with this specific bug, the occurrence acts as a reminder that even privacy-oriented features can occasionally fail, emphasizing the need to remain vigilant and keep your applications updated.