VLC security flaw found? Or not?

Tsutarja

Tsutarja

  • Dice Poké Ball Great Ball Ultra Ball
    • 28,129
    Posts
    15
    Years
    Yesterday, Gizmodo reported that a major security flaw was found in the latest version of VLC that could easily allow hackers to get into your machine and install malicious software.

    https://gizmodo.com/you-might-want-to-uninstall-vlc-immediately-1836641101

    In the article, they suggest uninstalling the program until the program is patched. However...

    https://lifehacker.com/you-should-wait-before-banning-vlc-from-your-computer-1836645438

    Is Gizmodo's report accurate at all? Lifehacker published a follow-up on it. In it, they write that VideoLAN is disputing Gizmodo's initial report (via twitter) in that there are no bugs or flaws at all.

    The agency responsible for such a notice on the bug is the German-based CERT-Bund. They're only reporting that the bug exists in the Windows, Linux, and UNIX-based versions of the program. The macOS version is not mentioned to be affected at all. They also mention that only .mkv files are affected.

    So, what's your take on this? Do you believe the findings from CERT-Bund have some credibility to them, or is it better to believe VideoLAN on this issue?
     
    Last edited:
    I don't use VLC but I'd say uninstalling it ASAP is a bit too far-fetched. Swap to another media player for the time being and keep VLC on standby when its safe to use seems more logical imo

    It would also seem Gizmodo updated their article mentioning VideoLAN's tweets on the matter, so I tend to believe the latter just a bit more.
     
    I'd believe VideoLAN when they tweeted that the issue is in a 3rd party library.

    But then they tweeted this which made me think again. They didn't knew or just forgot that Ubuntu 18.04 is LTS version so it's still getting updates including library updates.
     
    Last edited:
    You must log in or register to reply here.
    Back
    Top