Skip to Content
© Monticelllo | Dreamstime.com
Security & privacy

Update now! Facebook Messenger flaw lets hackers into your PC

When it comes to malware, infection threats are everywhere. Malicious email links, attachments and downloads are still the most common vectors of attack, which means we all need to actively play a role in blocking security threats.

That’s one reason regularly updating programs and operating systems is such a big deal. If a program has a vulnerability, a hacker can use this hole to slip remote-access bugs into your system or infect it with data-stealing malware. Tap or click here to see which VPN programs are vulnerable to hackers.

But if your device was recently infected with malware, a vulnerable program might be to blame: Facebook Messenger. Researchers have discovered a flaw in the program that can let hackers install software without administrator access. This can leave your system open to infection or worse. Here’s what you can do to fix it.

Facebook Messenger has a scary vulnerability

Researchers from Reason Cybersecurity have discovered a dangerous vulnerability in the desktop version of Facebook Messenger for Windows that can open up computers to remote infection.

The flaw deals with a feature in Windows 10 known as Powershell, which is used by the operating system to run workflows and automated processes. Facebook Messenger integrates with this feature at a deep level, which has the unfortunate side-effect of leaving computers vulnerable to hackers.

Related: Tap or click here to see how this massive Facebook flaw put children at risk

Although the initial findings were discovered and reported to Facebook back in April, the company has only recently patched the program. That means millions of you could have already been attacked without knowing.

Fortunately, there’s no evidence of criminal activity in regard to the flaw. However, this kind of vulnerability can be used to maintain access to a computer for months at a time, which is why the firm is still urging caution. If you use the desktop version of Facebook Messenger, consider updating immediately to stay protected.

What can I do to keep my system safe from hackers?

As it stands, the latest version of Facebook Messenger has been patched to address the flaw, which means it can be safely downloaded and installed for peace of mind. For the sake of your computer, we recommend uninstalling your current version and re-downloading it from the Windows app store just to be safe. Here’s how to do it:

  1. Click the Start Menu on your desktop and open the Settings App by clicking the gear icon
  2. Click on Apps
  3. On the menu that appears, scroll down until you locate Facebook Messenger.
  4. Click on Messenger, followed by Uninstall to remove the program from your PC. Follow the onscreen prompts to complete the removal.
  5. Tap or click here to download Facebook Messenger from the Microsoft Store. You might be required to log in again with your username and password.

The new version of Facebook Messenger (version 480.5 or later), has been completely patched for the flaw, so updating will keep your computer safe from harm. Alternatively, once you’ve removed the app, you can also choose to use Facebook Messenger via your web browser by navigating to Messenger.com and logging in.

This will keep your system safer (in the event that new security issues are discovered), but you will end up sharing data from the sites you visit around the web as long as you’re logged in.

As for making you choose between cybersecurity and data privacy, well, that’s Facebook for you. But hey, at least the company is good about patching its problematic apps. Sometimes. Tap or click here to see how to get the latest Windows 10 patches.

Komando Community background

Join the Komando Community!

Get even more digital know-how and entertainment with the ad-free Komando Community! Watch or listen to The Kim Komando Show on your schedule, read Kim's eBooks for free, and get answers in the Tech Forum.

Join Now