[ad_1]
Flash files manipulated allow attackers to access their victims' computers via the VLC player. Update as soon as possible.
The developers of the famous VLC player warn of a security breach. An attacker can remotely bring a computer to freeze or access it if it gets its victim to download a manipulated Flash file (* .swf) and play it back with the VLC player. Even streaming the corresponding Flash content can cause an attack. According to VLC developers, versions 3.0.0 and 3.0.1 are affected. A properly handled file in these versions of the tool can cause memory corruption in a VLC module called "Demux ()".
Fixed the current vulnerability of the VLC player with version 3.0.2 and higher. On our websites, you can use the free download of the VLC player if the automatic update in VLC does not work. We offer the German version for Windows 32 and 64 bit systems. According to VLC developers, OS-level security mechanisms such as Address Space Layout Randomization (ASLR) or Data Execution Prevention (DEP) can reduce but not completely mitigate the risk.
is to take away unknown sources when running or calling files or streams. The automatic opening in the browser allows to disable the corresponding browser extensions of the VLC player.
The VLC player is available in version 3 since the beginning of 2018. Compared to previous versions, the developers have implemented the current codecs, including hardware acceleration for 4K streams and videos, including the support for 3D audio formats. For more information on the popular media player, check out our article with tips for VLC Player 3.0.
[ad_2]
Source link
