30 July 19, 08:20
(This post was last modified: 30 July 19, 08:21 by harlan4096.)
Quote:Continue Reading
Reports started to emerge on the Internet about a critical security vulnerability in the popular multimedia player VLC Media Player.
Update: VideoLAN confirmed that the issue was not a security issue in VLC Media Player. The engineers detected that the issue was caused by an older version of the third-party library called libebml that was included in older versions of Ubuntu. The researcher used that older version of Ubuntu apparently. End
Gizmodo's Sam Rutherford suggested that users uninstall VLC immediately and the tenor of other tech magazines and sites was identical for the most part. Sensationalist headlines and stories generate lots of pageviews and clicks, and that is likely the main reason why sites like to make use of those instead of focusing on headlines and articles that are not as sensationalist.
The bug report, filed under CVE-2019-13615, rates the issue as critical and states that it affects VLC Media Player 3.0.7.1 and previous versions of the media player.
All desktop versions of VLC Media Player, available for Windows, Linux and Mac OS X, are affected by the issue according to the description. An attacker could execute code remotely on affected devices if the vulnerability is exploited successfully according to the bug report.