If you use the VLC Media Player, you should look better for an alternative after a warning from the CERT of the Federal Office for Information Security (CERT-Bund). Because in the VLC gapes again a security gap, which was classified as critical.

Bad News for VLC Media Player Users

A warning has been published today by CERT and emailed to its subscribers. It’s about the popular open-source application VLC Media Player. Already in June, the widespread player was noticed because the VLC Media Player was in version 3.0.6 and older prone to injected malicious code. Now there is a recent warning for VLC 3.0.7.1 for Linux, UNIX, Windows.

High-Risk Assessment

The CERT Confederation has classified the vulnerability as critical and awarded the risk assessment “High” (Level 4). This is the second-highest warning level for security holes in the CERT. Unlike in June, however, no cases have yet become known in which the vulnerability has been actively exploited

Critical Vulnerability Found in the latest VLC Media Player
Image Credits – https://www.express.co.uk

According to the warning, the vulnerability allows remote attackers to unnoticed code execution on the PC their victims. The vulnerability has already been described in CVE-2019-13615: “A remote, anonymous attacker can exploit a vulnerability in VLC to execute arbitrary code, create a denial of service state, disclose information, or manipulate files,” the report said warning message.

So far there is no update from VLC, and it is also not known when a security update will come out. Therefore, one should consider whether one does not dodge to another player at the moment.

LEAVE A REPLY

Please enter your comment!
Please enter your name here