Our Favorite Media Players: VLC 1.0.2 Update
I’ve made no secret out of the fact that I am absolutely bonkers about the VLC or Video LAN Client media player. I liked it a lot when it was in its early development phase, I liked it even more when it reached the RC (Release Candidate) milestone, and I definitely loved what I saw when the media player was launched as a final, stable product. Since then the software has been updated to version 1.0.1 (but we missed that one because we were focused on other things) and as of this week to version 1.0.2
Finding out that VLC has been updated comes as pleasant news. Finding out what the update addresses is even better. It seems that VLC version 1.0.1 and all other versions down to 0.5.0 are plagued by critical security vulnerability that if exploited could lead to arbitrary code execution.
Here is the official explanation provided by the Video LAN Project: “When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow. If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player. Exploitation of this issue requires the user to explicitly open a specially crafted file.”
You are well advised to download and install version 1.0.2 onto your system. It is the only means of ensuring you and your system remain protected. If you do not upgrade, the only other workarounds are:
If you would like to get VLC 1.0.2, you can download it straight from FindMySoft here (Windows only).
If you would like to get it straight from the official Video LAN Project webpage, just click here (all other supported operating systems).
Tags: VLC, Video LAN Client, Media Player, Update, Security, Vulnerability
Finding out that VLC has been updated comes as pleasant news. Finding out what the update addresses is even better. It seems that VLC version 1.0.1 and all other versions down to 0.5.0 are plagued by critical security vulnerability that if exploited could lead to arbitrary code execution.
Advertising
Here is the official explanation provided by the Video LAN Project: “When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow. If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player. Exploitation of this issue requires the user to explicitly open a specially crafted file.”
You are well advised to download and install version 1.0.2 onto your system. It is the only means of ensuring you and your system remain protected. If you do not upgrade, the only other workarounds are:
- do not open files from untrusted sources.
- do not access untrusted remote sites.
- disable the VLC browser plug-in.
- manually remove the MP4, AVI and ASF demuxer plug-ins from the VLC plug-in directory. These are: libmp4_plugin.*, libavi_plugin.*, libasf_plugin.*
If you would like to get VLC 1.0.2, you can download it straight from FindMySoft here (Windows only).
If you would like to get it straight from the official Video LAN Project webpage, just click here (all other supported operating systems).
Tags: VLC, Video LAN Client, Media Player, Update, Security, Vulnerability
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 28 Sep 2011
Great news for fans of properly good web browsers: the latest version of the Firefox browser to be released to the public is v 7.0
By George Norman on 05 Jan 2012
This is proof that there are a lot of threats on the web and the perfect example of why you should use a properly good security solution to secure your data against viruses and other malware
By George Norman on 17 Nov 2011
We all know that the internet is a dangerous place. There are all sorts of nasties out there, from viruses and worms to scammers and cyber criminals. As a parent, it is your task to make sure that your children stay safe online. This means you have to
By George Norman on 28 Nov 2011
Back in August we were reporting that Avast has a grand total of 160 million registered Avast! Free Antivirus Users. Fabricia from Brazil, the 160 millionth user to register the free antivirus product was rewarded withAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Our Favorite Media Players: VLC 1.0.2 Update
HTML Linking Code
HTML Linking Code