The VideoLAN project has released VLC Media Player 1.1.8 to address two vulnerabilities in the handling of .AMV and .NSV files. These vulnerabilities could be exploited by a remote attacker to obtain arbitrary code execution with the privileges of the user running VLC.
V1.1.8 also adds some minor new functionality including an update to the look and feel of the OS X version:
- Support for a new Dirac encoder based on libschroedinger
- Package of the new VP8/Webm encoder ‘Bali’
- Notable updates in .mp4, .ogg, .ape demuxers
- Major updates in most language translations
VLC 1.1.7 was downloaded 50 million times and VLC 1.1.8 can be downloaded here.