VLC Media Player is one of the trusted music players that is used all over the world. And VLC Media Player fans still exist, even in the era of fastest music apps available. But, this news will leave them in a dilemma.
The German security agency, CERT-Bund has warned all the VLC Media Player users by highlighting the security concern of the player. According to the issued warning, this issue is discovered in the latest version of the player.
VLC Media Player: Are all the users under threat?
According to the agency, the security flaw is listed under “High” risk- level 4 issue. However, the VLC 22.214.171.124 users of Windows, UNIX and Linux are vulnerable to this critical flaw. This means the macOS users can find themselves in a safe place.
Although, the report of WinFuture says that no such exploitations have been reported in the real world. But, CERT affirmed the flaw and code-named it as CVE-2019-13615 to provide more information about it.
— CERT-Bund (@certbund) July 24, 2019
Taking advantage of the flaw, the hackers can remotely attack your system. They can also run some random frivolous codes on your system without your permission.
With the help of this, they can even send you a special video which might either lead to app crashing or some hidden code running on your system.
VideoLAN responds to the security flaw
The reports are surfacing online urging the users to uninstall the VLC Media Player and search for other alternatives. Thus, the developer, VideoLAN has stated the flaw.
They say that they already know about the issue and are fixing it. At the same time, they didn’t seem very happy about the reports spreading online about the flaw.
Hey @MITREcorp and @CVEnew , the fact that you NEVER ever contact us for VLC vulnerabilities for years before publishing is really not cool; but at least you could check your info or check yourself before sending 9.8 CVSS vulnerability publicly…
— VideoLAN (@videolan) July 23, 2019
Also, according to them, the issue is not as critical as the reports say. Even the lead developer at VideoLAN, Kemph tried to reproduce the issue on older and current versions of the player. But, he was not able to do so. And, no other additional details are provided by them yet.
About the "security issue" on #VLC : VLC is not vulnerable.
tl;dr: the issue is in a 3rd party library, called libebml, which was fixed more than 16 months ago.
VLC since version 3.0.3 has the correct version shipped, and @MITREcorp did not even check their claim.
— VideoLAN (@videolan) July 24, 2019
Till then, keep calm and wait for more details to come. It won’t be wise to uninstall VLC Media Player right now. For the time being, we’ll recommend you to switch to other music apps.
For more updates, keep watching The Geek Herald!