VLC, the exceptional open-source media player that pretty much runs on everything, has been one of the first programs I install on a new computer or smartphone for years. It's simple, powerful and free—I couldn't ask for anything more. Well, except maybe not having it play host to a
critical (See update below) security vulnerability
Discovered by German security agency CERT-Bund (via WinFuture), a new flaw in VLC (listed as CVE-2019-13615) that has been given a base vulnerability score of 9.8, which classifies it as “critical.”
The vulnerability allows for RCE (remote code execution) which potentially allows bad actors attackers to install, modify, or run software without authorization, and could also be used to disclose files on the host system. Translation: VLC’s security hole could allow hackers to hijack your computer and see your files.
VideoLAN, makers of VLC, tweeted
to say that VLC is not vulnerable.
"About the "security issue" on #VLC : VLC is not vulnerable. tl;dr: the issue is in a 3rd party library, called libebml, which was fixed more than 16 months ago.VLC since version 3.0.3 has the correct version shipped, and @MITREcorp did not even check their claim.
Gizmodo reports that the National Vulnerability Database's entry for the bug was downgraded, specifying that the “Victim must voluntarily interact with attack mechanism.”
This post has been corrected to reflect VideoLAN's debunking of the security researchers' claims — Rob Beschizza
• You’ll never guess how much the computer originally cost.
The Universal Serial Bus specification was introduced by a consortium of large tech companies in 1996 to standardize the way peripherals connect to computers. In this episode of Nostalgia Nerd on YouTube, you can learn about the history of USB, and why the connector configurations change so frequently. This 20-minute video was more interesting than […]
The miniature model supercomputers that Cray salespeople carried sometimes hit eBay, and they’re getting quite pricey. This 3.75″ tall scale model of the Cray X-MP, once the world’s fastest computer, is on offer for $700. I wonder, if you put a Rasberry Pi in it, would the resulting machine be faster than a Cray X-MP? […]
After years of hearing a steady drumbeat about the necessity of surfing the web under the protection of a VPN, even the most technophobic among us are starting to come around. But even knowing the dangers one can face from cybercrooks phishing for information from unsuspecting victims online, those last holdouts still have some fears. […]
You may not realize it, but some of the biggest films in movie history have been edited using the same tools some of you use to cut your video of vacationing at Disney World. Giant movies from Oscar favorites The Social Network and Gone Girl to blockbusters like Avatar, Deadpool, and last year’s Terminator: Dark […]
Now that the initial furor and shortages have subsided, it’s probably not a bad time to start considering your long-term cleaning and disinfecting plans. Sure, that might seem anywhere from overly cautious to outright ridiculous, but the threat of COVID-19 appears poised to be present for a while and the need for quick travel clean-up […]