An update released over the weekend for the desktop version of the privacy-focused communications app Signal patches a critical vulnerability that could have been exploited for remote code execution with no user interaction required.
http://feedproxy.google.com/~r/Securityweek/~3/yx507hjkDP4/signal-flaw-allowed-code-execution-no-user-interaction