VLC Media Player 3.0.8 Released with 13 Security Fixes


Level 85
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
VideoLan has released VLC Media Player 3.0.8 and it is now available for Windows, Mac, and Linux. This release fixed 13 security vulnerabilities as well as providing improvements to video playback.

The main improvements in this release includes a fix for stuttering while watching low frame rate videos, better adaptive streaming support, fixed WebVTT subtitle rendering, and improved audio output in macOS and iOS.

In addition, this release fixes 13 vulnerabilities that include numerous buffer overflow, null after free, null dereference, and division by zero vulnerabilities. Many of these vulnerabilities, if not all, were discovered directly by the VLC developers.

According to VideoLan's security bulletin, these vulnerabilities could be exploited by a remote user creating a specially crafted file and tricking a user into opening it. Doing so would trigger a crash or perform code execution in the security context of the logged in user.