September 30, 2016

VLC Releases V1.1.7 To Plug MKV Vulnerability

VLC Media PlayerThe VideoLAN project team have released V1.1.7 of VLC which closes the hole in the MKV demuxer which was discovered a few days ago. This is the eighth release of the 1.1.x branch of VLC and as well as fixing the MKV problem it also fixes some other minor issues and updates some translations.

The original problem which is detailed in Security Advisory 1102 revolves around a lack of input validation in the MKV demuxer which means that a specially crafted file could be created allowing a malicious third party to execute arbitrary code.

All users of VLC, which is available for OS X, Windows, Linux, should upgrade.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks