A few days ago, the Internet circulated information about a dangerous vulnerability detected in the popular VLC player. We also warned her. The exploit received the code CVE-2019-13615 from MITER, so everything seemed to indicate that the problem was real. VideoLAN software authors have bitterly denied the information about the danger.
Scan your website for malware using this website scanner.
It seems that the vulnerability was patched a year ago and only some older versions of VLC are vulnerable. The person responsible for detecting sensitivity did not respond to attempts to contact representatives of VideoLAN. What’s more, the problem submitter used an outdated Ubuntu 18.04 (as emphasized by the creators of VLC), and – most importantly – an outdated version of the program.
“VLC is not sensitive (vulnerability). In short: one third party libraries called libebml caused the problem, which we repaired over 16 months ago. VLC from version 3.0.3 up comes with the correct version of the file. MITER has not even verified matters. “, we read in Tweet.
Particularly interesting seems the attitude of the MITRE company, which did not contact VideoLAN before publicizing the whole matter.
In a word: the VLC player is safe, provided you use one of its latest versions. The whole thing illustrates, among other things, why you should update the software on your computer on a regular basis – not only Windows 10.
VLC Media Player is one of the most popular video players in the world. The creators boast that it has been downloaded more than 3 billion times. The program is available in versions for Windows and Android and iOS mobile.