0
News broke today that the VLC Media Player—immensely popular and Lifehacker-recommended—allegedly has a pretty severe bug that could allow allow a “booby-trapped” video, as The Register put it, to either crash the player or execute remote code. The former? An annoyance. The latter? A huge security issue, one that’d we recommend uninstalling VLC to address until its creator, VideoLAN, comes out with a patch.
But we’re not recommending that action just yet, because there’s a bit more to the story. The bug report for the issue has been open for four weeks, but VideoLAN president and lead VLC developer Jean-Baptiste Kempf left a series of comments today indicating that the alleged bug isn’t as big a deal as everyone is making it out to be.
https://www.theregister.co.uk/2019/0...code_flaw_vlc/
https://trac.videolan.org/vlc/ticket/22474
https://lifehacker.com/you-should-wa...ter-1836645438