VLC, the exceptional open-source media player that pretty much runs on everything, has been one of the first programs I install on a new computer or smartphone for years. It's simple, powerful and free—I couldn't ask for anything more. Well, except maybe not having it play host to a
critical (See update below) security vulnerability
Discovered by German security agency CERT-Bund (via WinFuture), a new flaw in VLC (listed as CVE-2019-13615) that has been given a base vulnerability score of 9.8, which classifies it as “critical.”
The vulnerability allows for RCE (remote code execution) which potentially allows bad actors attackers to install, modify, or run software without authorization, and could also be used to disclose files on the host system. Translation: VLC’s security hole could allow hackers to hijack your computer and see your files.
VideoLAN, makers of VLC, tweeted
to say that VLC is not vulnerable.
"About the "security issue" on #VLC : VLC is not vulnerable. tl;dr: the issue is in a 3rd party library, called libebml, which was fixed more than 16 months ago.VLC since version 3.0.3 has the correct version shipped, and @MITREcorp did not even check their claim.
Gizmodo reports that the National Vulnerability Database's entry for the bug was downgraded, specifying that the “Victim must voluntarily interact with attack mechanism.”
This post has been corrected to reflect VideoLAN's debunking of the security researchers' claims — Rob Beschizza
From Etudes.ru (Google translation): More than 40 years ago in 1968 … A team led by Nikolai Nikolaevich Konstantinov creates a mathematical model of the motion of the animal (cat). The BESM-4 machine, executing a written program for solving ordinary (in the mathematical sense of the word) differential equations, draws a cartoon “Kitty” containing even […]
The fourth incarnation of the wonderful Raspberry Pi is upon us. A faster quard-core CPU, up to 4GB of RAM, gigabit ethernet and dual HDMI outputs are the upgrades; there’s USB-C too, but just for power. The CPU boost is a big deal, say early users, but dual-4k displays and 4x the RAM bring it […]
Adam Bradley and Chris Blackburn noticed an unusual, mislabeled eBay listing for a rare beauty: an IBM System/360 in Nuremberg for peanuts. So they set out to do what any self-respecting IBM System/360 fan would do: buy it and fix it up. Thousands of Euros later, they’ve … well, they’ve gotten it out of the […]
The field of data analytics is growing as fast as the internet itself. Self-driving cars, airline pricing, and huge marketing campaigns are all driven by the insights that data scientists can distill out of vast sums of information. Even with the help of powerful software like Python, it’s a highly skilled position. But those skills […]
If you’re marketing on the web, your Google-fu needs to be strong – and up to date. Without a firm grasp on what drives traffic, you’ll never be able to take the wheel. That’s why even if you know where to put your keywords, a little extra effort goes a long way on any marketer’s […]
Want to keep the dentist away? A little tooth care at morning and night isn’t bad, but it won’t keep the stains from smoking or fried foods at bay for long. If you enjoy your food and want to avoid the consequences, an upgrade from that old analog toothbrush can make a huge difference. Among […]