Security update: VLC media player 3.0.21 available
The developers have fixed a security vulnerability in the VLC media player.
Boris WeberThe developers have closed a security vulnerability in the VLC media player. Malicious code can slip through the vulnerability.
Attackers can target the VLC media player and attack computers via a vulnerability. The bug-fixed version 3.0.21 is now available for download.
In the according Security Bulletin, the developers explain that attackers can trigger a memory error (heap bases overflow) using a manipulated MMS stream. If this works, the player crashes as a result of a DoS attack or malicious code can even get onto systems.
According to the developers, there have been no exploits using this vulnerability to perform code execution attacks so far.
The developers assure that they have closed the vulnerability in version 3.0.21. All previous versions are said to be at risk.
You can download the updated new version here!
About Author
Boris Weber
I am an editor at UpdateStar. I started as a support engineer, and am now specialized in writing about general software topics from a usability and performance angle among others. I telecommute from UpdateStar’s Berlin office, when I am not working remote as a digital nomad for UpdateStar.