VLC is a free and open-source multiplatform multimedia player that plays most multimedia files, as well as DVDs, Audio CDs, VCDs, and various streaming protocols. VLC supports a huge number of multimedia formats and does not require downloading of additional codecs. The player has a complete streaming server, with extended features such as video on demand, instant transcoding, granular speed controls, frame-by-frame feed and more. It can also be used as a server for unicast or multicast streams over IPv4 or IPv6 in a high bandwidth network. VLC Media Player now features fully customizable toolbars, customizable skins, supports playback of broken files as well as compressed files, and more.
Simple, fast and powerful media player.
Play all: Files, Discs, Webcams, Devices, and Streams.
Plays most codecs without codec packages:
MPEG-2, DivX, H.264, MKV, WebM, WMV, MP3
VLC Media Player Release Includes Patch for 13 Vulnerabilities
Following the discussion of the discovery of a critical vulnerability in the VLC Media Player audio and video player that allowed remote code execution, and after VideoLAN expressed its disagreement on the issue, ensuring that the software was not vulnerable, the company responsible announced the release of version 3.0.8. In this new update, VideoLAN announces that in addition to several enhancements related to the program’s functionality, 13 security vulnerabilities have been addressed.
Fixed flaws can be remotely exploited by an attacker by designing a custom file as long as they can trick their attack target into opening the file, VideLAN explains. On the other hand, from this release, the company also informs that it will start publishing security bulletins for VLC Media Player releases. This first bulletin details all security improvements that have been addressed with the new update.
Among the vulnerabilities, 11 were reported by security researcher Antonio Morales and, in the researcher’s opinion, exploiting either one would be simple, the researcher told Threat post . In fact, if an attacker, for example, designed a video file and distributed it to Torrent using a famous television series as a “bait” file name, many users would probably download it and simply open the file.video would activate the vulnerability, Morales told the portal. This scenario is valid for all vulnerabilities, he added.
All bugs fixed in the latest update still affect VLC Media Player version 188.8.131.52, so it is critical to install the new version 3.0.8. In addition, this version has not been sent to users, although it is possible to manually update the software by downloading its latest version from the official website.
VLC MEDIA PLAYER ALL IN ONE PLAYER
Version 3.0.8 (August 19, 2019)
Fixes stuttering for low frame rate videos
Improve adaptive streaming support
Fixes WebVTT subtitle rendering
Improve audio output on macOS and iOS
It also fixes security issues:
13 issues, including 5 buffer overflows that we fixed. 11 CVEs were assigned and addressed.