WhatsApp has announced the rollout of a new “Strict Account Settings” feature as part of a broader effort to strengthen protection for users facing heightened cyber risks, including journalists, activists, and public figures. While the platform already offers end-to-end encryption for more than three billion users globally, the company acknowledges that certain individuals require an additional layer of defence against advanced, state-level spyware and targeted attacks.
The new lockdown-style setting, accessible under Settings > Privacy > Advanced, allows users to place their accounts in the most restrictive configuration available. Once enabled, WhatsApp will automatically block all attachments and media sent by unknown contacts, cutting off a common entry point used by attackers who disguise malicious code within seemingly harmless files. The feature is being rolled out gradually and is expected to reach all users in the coming weeks.
Beyond user-facing controls, WhatsApp has completed a major technical overhaul by migrating large portions of its media-handling code from C++ to the Rust programming language. Engineers replaced roughly 160,000 lines of C++ with 90,000 lines of Rust to improve memory safety and reduce vulnerabilities that hackers often exploit through memory-based attacks. This move directly addresses lessons from past incidents such as the 2015 Stagefright vulnerability, which exposed millions of devices to malware hidden in media files.
Complementing this shift is WhatsApp’s new Kaleidoscope security system, designed to intercept malicious files before they ever reach a user’s device. The system detects files masquerading as images or videos, inspects PDFs for hidden scripts, and validates file formats against global standards to prevent exploitation of underlying operating system libraries. Together, these changes signal WhatsApp’s long-term commitment to making private communication resilient not just at the encryption level, but across the entire software stack.
Whatsapp Introduces Strict Settings to Block Malicious Attachments
Related articles