Meta announced in a blog post that it is adding Strict Account Settings to protect certain users from advanced cyber attacks by locking accounts to the most restrictive options and blocking attachments and media from unknown contacts. The feature is rolling out over the coming weeks.
KEY FACTS
- Feature Locks account to most restrictive settings
- Media Blocks attachments and media from people not in contacts
- Access Enable at Settings > Privacy > Advanced
- Rollout Gradual global rollout over coming weeks
When enabled, Strict Account Settings locks options such as automatic attachment handling and call permissions to restrictive choices, silences calls from unknown numbers and applies additional restrictions that may limit some app features.
Media sharing will use a new cross-platform library called wamedia written in Rust (engineering blog post). The change aims to reduce memory safety risks by moving new media code to a memory-safe language.
Additional protections include control flow integrity, hardened memory allocators and safer buffer handling APIs. The approach pairs product design to reduce attack surface with security assurance for remaining C and C++ code and default use of memory-safe languages for new code.
The feature targets individuals at elevated risk such as journalists and public-facing figures and intentionally trades some functionality for stronger protections. Public details remain limited on how users will be identified for recommendations and on a final completion date for the rollout.
WHY IT MATTERS
Users at higher risk can reduce exposure to advanced spyware by limiting media and call surface on their accounts. The Rust-based media library aims to reduce memory safety vulnerabilities in media handling across devices.