Trending:

VideoLAN clarifies VLC isn't vulnerable; issues were already fixed in older update

Apple Incorporated Modi ji Justin Trudeau Trending

Home
Tech
News & Analysis
VideoLAN clarifies VLC isn't vulnerable; issues were already fixed in older update

VideoLAN clarifies VLC isn't vulnerable; issues were already fixed in older update

tech2 News Staff • July 24, 2019, 22:07:13 IST

Whatsapp Facebook Twitter

The security issue was present on an older version of VLC because of a third-party library.

Subscribe Join Us

Add as a preferred source on Google

Prefer
Firstpost On
Google

VideoLAN clarifies VLC isn't vulnerable; issues were already fixed in older update

Update: Earlier, we had reported that popular media player VLC had a critical security issue that made it vulnerable for hackers to remotely control some aspects of the victim’s machine. However, VideoLAN says that VLC isn’t vulnerable currently and the issue was present because of a third-party library (called libebml) that was fixed 16 months ago. The current 3.0.3 or later version of VLC doesn’t have the security issue and the vulnerability claim was based off on an older version. VideoLAN took to Twitter to address the security concern. If you’re running the latest version of VLC (3.0.7.1) then you don’t need to worry about anything.

About the "security issue" on #VLC : VLC is not vulnerable.
tl;dr: the issue is in a 3rd party library, called libebml, which was fixed more than 16 months ago.
VLC since version 3.0.3 has the correct version shipped, and @MITREcorp did not even check their claim.

Thread:
— VideoLAN (@videolan) July 24, 2019

Original story: VLC Media Player is a highly popular and free media player that’s been available for a long time. Since VLC is open-source software, it is easily accessible to everyone but it turns out that there is a huge security flaw in it. According to WinFuture, German security agency CERT-Bund has found a flaw in VLC that has a vulnerability score of 9.8 making it a “critical” problem. In simple words, because of this app, hackers can install, modify, or run software on your device that too without your authorisation. [caption id=“attachment_5875991” align=“alignnone” width=“1024”] VLC AirPlay support[/caption] As per a Gizmodo report, no one has yet been affected because of it. But this does not mean, that there are not potentially vulnerable systems that can be affected anytime. (Also read: Google takes down seven Russian spying apps from its Play Store ) VideoLAN is probably working on rectifying the flaw already. This means you still have to wait until the company releases an update. Hence, a safer option would be to switch to an alternative like Media Player Classic, MX Player, KM Player and so on.