VLC Security Flaw

Demon_Skeith

Discovered by German security agency CERT-Bund (via WinFuture), a new flaw in VLC (listed as CVE-2019-13615) has been given a base vulnerability score of 9.8, which classifies it as “critical,” for any VLC player that plays an MKV file that can contain malicious code.

The vulnerability allows for RCE (remote code execution), which potentially allows bad actors to install, modify, or run software without authorization, and could also be used to disclose files on the host system. Translation: VLC’s security hole could allow hackers to hijack your computer and see your files.

Thankfully, it seems no one has taken advantage of the flaw yet, but with WinFuture reporting that the Windows, Linux, and Unix versions of VLC are all affected (but not the macOS version), there’s a huge number of potentially vulnerable systems out there.

VideoLAN is also aware of the issue and is currently working on a patch, though right now, that patch appears to only be 60 percent complete. Sadly, that means while people are waiting for a fix, your only recourse to protect yourself from the flaw is to uninstall VLC and switch to an alternative like KMPlayer or Media Player Classic.
 