WhatsApp Fortifies security with ‘Strict Account Settings’ and Rust-Based Media Protections
Table of Contents
Meta is bolstering WhatsApp’s defenses against complex cyberattacks with the rollout of “Strict Account Settings” and a major shift to the rust programming language for media handling, aiming to provide enhanced protection for high-risk users.
The new measures, announced on January 27, 2026, represent a significant investment in WhatsApp’s security infrastructure, responding to the evolving threat landscape and increasingly targeted attacks. According to a company release, “Strict Account Settings is one of many ways we’re working to protect you from the most sophisticated of cyber threats.”
Lockdown Mode for High-Risk Users
Strict Account Settings functions as a “lockdown-style” feature, applying the most restrictive privacy settings available within the app. This includes automatically blocking attachments and media from contacts not already in the user’s address book, silencing calls from unknown numbers, and limiting other functionalities that could potentially expose users to risk.
“This lockdown-style feature bolsters your security on WhatsApp even further with just a few taps by locking your account to the most restrictive settings like automatically blocking attachments and media from unknown senders, silencing calls from people you don’t know, and restricting other settings that may limit how the app works,” meta explained in it’s declaration. the feature will be rolled out gradually to users and can be enabled through Settings > Privacy > Advanced.
Rust: A New Foundation for Media Security
Beyond the new account settings, WhatsApp is adopting the Rust programming language to enhance the security of its media sharing features.This represents the largest global rollout of a Rust-based library to date, according to Meta. Rust is known for its memory safety features, which can help prevent vulnerabilities like buffer overflows and other common exploits used in spyware attacks.
The implementation of Rust has enabled the creation of wamedia, a secure, high-performance, cross-platform media library. This library ensures that media shared on WhatsApp is consistent and safe across all devices. Meta is pursuing a three-part strategy to address memory safety: reducing the attack surface by design,strengthening security for existing C and C++ code,and prioritizing memory-safe languages like Rust for new progress.
Additional security measures include control-flow integrity (CFI), hardened memory allocators, and safer buffer handling, reinforcing a “defense-in-depth” approach to security. “Rust enabled WhatsApp’s security team to develop a secure, high performance, cross-platform library to ensure media shared on the platform is consistent and safe across devices,” a company spokesperson stated. “This is an important step forward in adding additional security behind the scenes for users and part of our ongoing defense-in-depth approach.”
Meta anticipates accelerating the adoption of Rust across its platforms in the coming years, highlighting opportunities for its security teams to leverage the language’s benefits. Developers working with C and C++ are receiving specialized security training, development guidance, and tools to mitigate risks associated with those languages.
Why: Meta implemented these changes to counter increasingly sophisticated cyberattacks and protect high-risk users (journalists, activists, etc.). The move addresses vulnerabilities in media handling and provides a “lockdown” mode for enhanced privacy.
Who: Meta (WhatsApp’s parent company) is responsible for the changes. The features are aimed at protecting WhatsApp users, particularly those considered high
