TL; DR
-
To prevent Telegram RCE attacks, go to Settings → Data & Storage → Auto Download Media → Disable Auto Download for ‘Photos’, ‘Videos’ and ‘Files’.
Full story
We have a safety PSA for you all!
Telegram’s media files may be corrupted.
But before you panic, we have the solution for you.
Because friends support each other, and we are all friends here!
The essence of the attack is that hackers can deploy a Remote Code Execution (RCE) attack by linking it to media files such as images or videos.
As you click on it, you allow the malware to enter your space (not good!).
So! As a security measure, simply disable the automatic download feature.
Specifically on your desktop:
Go to Settings → Data & Storage → Automatic Media Download → Turn off automatic download for ‘Photos’, ‘Videos’ and ‘Files’ for all chat types (private chats, groups and channels).
And voila.
You, our friend, are now safe from auto-downloaded RCE attacks on Telegram.