Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: VLC: needs upgrading too! - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VLC: needs upgrading too!

One of those little things your users might manage to get installed for themselves is VLC.

Well they too have a new release that passed by all too quietly in the last few days. Barry reminded us about it.

So VLC Media Player 0.8.6h is the one you want to upgrade to, it fixes "security vulnerabilities in the Mozilla and ActiveX plugins, in the libpng, libid3tag, libvorbis libraries and in the Speex codec."

From their release notes:


0.8.6g (source release):

Make sure to be warned by the smallest vendor/software maker of who you use software or soon or later you'll miss one getting its patch before you discover it's been exploited.

Swa Frantzen -- Gorilla Secuity


760 Posts
Jun 10th 2008
Secunia's PSI kept me up to date. It misses most open source / free software that allows different versions to be installed at the same time in versioned directories, but overall, it does a pretty good job.

Sign Up for Free or Log In to start participating in the conversation!