Home  /  Privacy and Security  /  A critical flaw in VLC media player leaves PCs exposed, VideoLAN says otherwise
PostedinPrivacy and Security Posted on

A critical flaw in VLC media player leaves PCs exposed, VideoLAN says otherwise

Posted By 

The issue isn’t reproducible, according to VideoLAN

What just happened? Given its popularity, there’s a high chance that you have the VLC media player installed on your PC. Unless you’re running macOS, your Windows, Linux or Unix machine is reportedly susceptible to being hacked remotely if it has the media player installed. Although no reports have yet emerged on the vulnerability being exploited, the VideoLAN team are still working on a patch. Interestingly, VideoLAN also says the issue isn’t reproducible and that the normal release v3.0.7.1 doesn’t crash because of the bug.

Identified as CVE-2019-13615, the vulnerability in the hugely popular VLC media player (version 3.0.7.1) was recently discovered by German security agency CERT-Bund and given a rating of 9.8 in the NIST’s National Vulnerability Database.

Apparently, the flaw leaves billions of computers exposed to remote code execution (RCE) where hackers can get unauthorized access to install and execute malicious code and modify files/data on target machines and cause disruption through denial-of-service attacks.

Although the bug has been open at VideoLAN’s end for the past four weeks, and the team is 60 percent through working on a fix, VLC developer Jean-Baptiste Kempf says the issue is not reproducible and doesn’t crash a normal release of VLC 3.0.7.1, reports lifehacker, with Kempf making the following comments:

This does not crash a normal release of VLC 3.0.7.1

If you land on this ticket through a news article claiming a critical flaw in VLC, I suggest you to read the above comment first and reconsider your (fake) news sources.

Twitter handle of the VideoLAN team also had a word with CVE on how the issue was reported publicly.

Reportedly, the bug doesn’t affect macOS users so they can continue using the software without any problems. Those on either Windows, Linux or Unix are advised to practice caution as things proceed because it’s rather tricky to pick a side between the German Computer Emergency Response Team (CERT-Bund) who first brought the issue to light or VideoLAN, the non-profit organization behind the open-source media player.

In the meantime, the better approach is to temporarily retire the software until a patch becomes available, and use another alternative like KMPlayer, GOM Player or Media Player Classic. Though if you feel like it, you can download the proof-of-concept video from the original filer of the bug to see if it crashes your VLC installation (it didn’t crash on my end) and decides for yourself.

Credits to Humza Aamir of TechSpot.

Tags:

About Author

Matthew.England

Related Posts

85 Comments

  1. Deborah.Moore Reply

    Hello,

    Thank you for this feedback! We’ll make sure to post more blogs!

    Regards,
    Deborah

  2. how tin cans are made Reply

    I was recommended this web site byy my cousin. I’m not sure whether orr not tjis postt is written by
    means of him as nobody else recognize such distinctive about my problem.
    You’re incredible! Thanks!

  3. stepanieujk3.mywibes.com Reply

    Hi! I’ve been following your web site for some time now and finally got
    the courage to go ahead and give you a shout
    out from Atascocita Tx! Just wanted to mention kwep up the good work!

  4. moving company advertising Reply

    all thee timne i used to read smaller content which as well clear their motive, and that
    is also happening with this article which I am readiong now.

  5. http://galedavitt7652.yn.lt/ Reply

    Spot on with thijs write-up, I actually think this website needs a great deal moore attention. I’ll probably bbe returning to read more, thanks for the info!

  6. josefinaomay24538.pen.io Reply

    whah this weblog is fantastic i like reading your articles.
    Stay up the good work! You already know, a lot of people are looking round for this info,
    you can aid them greatly.

  7. Kerry.Hershey Reply

    Hi,

    We appreciate that you bookmark our website.
    We’ll be posting more interesting topics that you will surely enjoy.

    You may also want to visit our website, http://www.reimageplus.com

    Best Regards,
    Kerry Hershey

  8. cardboard baler Reply

    Hi just wanted to give you a quuck heads up and let you
    know a few of the pictures aren’t loading properly. I’m
    not sure why but I think its a linking issue. I’ve tried it in two different browsers and both show the same
    results.

  9. http://carakabudiyanto58.hatenablog.com Reply

    Wonderful site you have here but I was curious about if you knew of any discussion boards that cover the same topics talked about here?
    I’d really like to be a part of online community where I can get
    suggestions from other knowledgeable individuals that
    share the same interest. If you have any recommendations, please let
    me know. Thanks a lot!

  10. www.minikami.it Reply

    Thank you ffor any other informative site.Where else could
    I am getging that type of info written in such an ideal manner?
    I have a project that I’m simply now working on, and I
    have been at the look out for such info.

  11. laurencewalton.edublogs.org Reply

    Hi, after reading this awesome paragraph i am as well cheerful to share my
    experience here with colleagues.

  12. hydraulic baler for sale Reply

    I’m really impressed with your writing abilities as neatly as with the layout on your blog.
    Is that this a paid topic or did you customize it yourself?
    Anyway keep up the nice high quality writing, it is uncommon to see a great blog
    like this one nowadays..

  13. house mover service in singapore Reply

    It is in reality a great and helpful piece of information. I’m satisfied that
    yyou just shared this helpful info with us. Please keep us up to
    date like this. Thanks for sharing.

  14. fiber optic cable companies Reply

    Hey there! This is my firsdt visit too ylur blog! We are
    a collection of volunteers andd starting a new initiative in a community in the same niche.

    Your blog provided us useful information to work on. You have done a wonderful job!

  15. LED sports lighting factory Reply

    Excelllent post. I used to be checking continuously this blog and
    I am inspired! Very helpful info specially the last part 🙂 I deal with such info a lot.
    I used to be seeking this particular information for a
    long time. Thank you and best oof luck.

  16. www.xiqiao.org Reply

    Way cool! Some very vali points! I appreciate you writing thus posat and also
    the rest of the site is also very good.

  17. http://brooksh6640704260.pen.io Reply

    It’s going to be endd of mine day, but before end I
    am rewding this great article to improve my knowledge.

  18. ux.nu Reply

    Very good info. Lucky me I came across your blog by chance (stumbleupon).
    I have saved as a favorite for later!

  19. Matthew.England Reply

    Thank you.

    Regards,
    Matthew England

  20. moving company rates Reply

    It’s nearly impossible to find well-informed people for this topic, however,
    you seem like you know what you’re talking about!

    Thanks

  21. Gary Reply

    It’s truy a nijce and useful piece off information. I’m happy that you
    just shared tbis useful info with us. Please sty us up to date like this.
    Thank you for sharing.

  22. Kerry.Hershey Reply

    Thank you.

    Regards,
    Kerry Hershey

  23. Emilie Reply

    What’s up colleagues, how is all, and what you
    want to ssay concerning this post, inn my view its iin fact awesome for me.

  24. https://eusebiaericson1.wgz.cz/ Reply

    Good write-up. I definitely appreciate this website. Continue the good work!

  25. calvin59l4656937.edublogs.org Reply

    I was able too find good advice from your content.

  26. Tawanna Reply

    I loove what you guys tend to be uup too. Such clever work and reporting!
    Keep up the amazing works guys I’ve added you guys to my personal blogroll.

  27. iPhone X screen assembly Reply

    Keep this going please, great job!

  28. drilling tools manufacturer Reply

    It’s really a nice annd helpful piece of info.

    I’m happy that you shared this useful info with us. Please stay us informed like this.
    Thanks for sharing.

  29. gambling Reply

    Good day! This post couldn’t be written any better!
    Reading this post reminds me of my previous room mate!
    He always kept chatting about this. I will forward this write-up to him.
    Fairly certain he will have a good read. Thanks for sharing!

  30. tembak ikan joker123 Reply

    There’s definately a lot to find out about this issue.
    I like all of the points you’ve made.

  31. slot mudah menang. Reply

    Hi there, everything is going nicely here and ofcourse every one is
    sharing information, that’s actually fine, keep up writing.

  32. situs live casino Reply

    Hey very interesting blog!

  33. valuable business Reply

    Admiring the hard work you put into your site and in depth information you provide.
    It’s awesome to come across a blog every once in a while that
    isn’t the same unwanted rehashed material. Great read!
    I’ve bookmarked your site and I’m including your
    RSS feeds to my Google account.

  34. online dictionary Reply

    If some one wants to be updated with hottest technologies therefore
    he must be visit this web site and be up to date everyday.

  35. used cars nashville tn Reply

    I got what you mean, thank you for putting up. Woh I
    am lucky to find this website through google.

  36. Kerry.Hershey Reply

    Thank you.

    Best Regards,
    Kerry Hershey

  37. tonneau covers essentially Reply

    I am regular visitor, how are you everybody? This post posted at this website is in fact nice.

Leave a Reply

© Copyright 2019