
Problem:
Attackers can exploit this vulnerability using rigged Real Media files (file ending with 'rm') to install malicious software onto the user's computer. The victim has just to open the manipulated multimedia file.
Which version of VLC Media Player is affected???
VLC Media Player versions prior to release 0.9.8 are affected, BSI reports. The software maker has fixed the problem for Version 0.9.8, but to date has only made the source code available.
Solution:
All VLC Media Player users are advised to remove the file libreal_plugin.* manually from the VLC plug-in installation directory.
Or
Download the latest VLC media Player to be on safe side(That's what I did too).
I still advocate for this wonderful open-source media player called VLC Media Player. It's extremely lightweight and robust.
src
Comments