قالب وردپرس درنا توس
Home / Technology / VLC has a critical gap. The bug allows the attackers to run the code remotely

VLC has a critical gap. The bug allows the attackers to run the code remotely



About the Author

  Oscar Ziomek

The popular VLC player found a fatal error. Researchers from the German CERT Federation point to the gap that has been classified as critical and identified as CVE-201

9-13615. As a result of an error, attackers can remotely execute code and read and modify files without authorization. Neowin service informs about the details.

As it turns out, the creator of the player knows about the mistake and the work on his solution is in progress. However, it is not known how much this can cost and it is worth uninstalling the program for your own safety until the problem is resolved. The problem even affects the latest version of VLC and can be a real threat to many users – according to statistics, one of the newer versions (3.0.6) has been downloaded almost 105 million times.

It should be noted that the described gap is not the first situation in the past. This is the time when VLC paves the way for manipulating files on your computer. Previously, we described a similar case in June when an unpatched version of VLC was able to run an "infected movie" attack.

Apart from the topic, VLC is invariably a very popular player, not just on Windows. It's to be known that the VLC for Android was recently reused in Android Auto.


Source link