Our Favorite Media Players: VLC 1.0.2 Update
Article by George Norman
On 24 Sep 2009
I’ve made no secret out of the fact that I am absolutely bonkers about the VLC or Video LAN Client media player. I liked it a lot when it was in its early development phase, I liked it even more when it reached the RC (Release Candidate) milestone, and I definitely loved what I saw when the media player was launched as a final, stable product. Since then the software has been updated to version 1.0.1 (but we missed that one because we were focused on other things) and as of this week to version 1.0.2

Finding out that VLC has been updated comes as pleasant news. Finding out what the update addresses is even better. It seems that VLC version 1.0.1 and all other versions down to 0.5.0 are plagued by critical security vulnerability that if exploited could lead to arbitrary code execution.

Advertising

Here is the official explanation provided by the Video LAN Project: “When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow. If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player. Exploitation of this issue requires the user to explicitly open a specially crafted file.”

You are well advised to download and install version 1.0.2 onto your system. It is the only means of ensuring you and your system remain protected. If you do not upgrade, the only other workarounds are:

  • do not open files from untrusted sources.
  • do not access untrusted remote sites.
  • disable the VLC browser plug-in.
  • manually remove the MP4, AVI and ASF demuxer plug-ins from the VLC plug-in directory. These are: libmp4_plugin.*, libavi_plugin.*, libasf_plugin.*

If you would like to get VLC 1.0.2, you can download it straight from FindMySoft here (Windows only).
If you would like to get it straight from the official Video LAN Project webpage, just click
here (all other supported operating systems).



Tags: VLC, Video LAN Client, Media Player, Update, Security, Vulnerability
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 31 May 2017
Having lots of devices connected to your network and the internet isn't a problem, as long as you keep the bad guys out of the picture. That’s crucial, because they'll exploit any vulnerability that they can find.
By George Norman on 17 Jul 2017
If you want top notch protection for your Windows computer, you can’t go wrong by getting something developed by the internationally renowned security company Kaspersky Lab. The problem is that…
By George Norman on 21 Jul 2017
Unto the Evil, Hell Followed and Bloodfall, the 3 multiplayer DLCs that used to cost money, are now free for anyone who owns the brutally fun first person shooter, Doom. And that’s not all that Update 6.66 has to offer.
By George Norman on 26 Jul 2017
Top-notch real-time protection against viruses doesn’t have to cost money, not if you go with the recently introduced Kaspersky Free antivirus solution. It may not come with a lot of bells and whistles, but it nicely covers all the basics and...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Our Favorite Media Players: VLC 1.0.2 Update
HTML Linking Code