There is no security issue in VLC – VideoLAN president

Following reports that German cybersecurity agency CERT-Bund had discovered a critical flaw in VLC media player, VideoLAN president Jean-Baptiste Kempf has publicly denied that the alleged flaw is functional.

Speaking with The Daily Swig, Kempf claimed that the security issue had only been present in a third-party library, and a fix was pushed out 18 months ago.

“The issue was there two years ago, but it’s absolutely not possible to take control [of someone’s device now],” he said.

Kempf suspects that the bug reporter was running an outdated version of Ubuntu.

“The guy never contacted us,” said Kempf. “This is why you don’t report security issues on a public bug tracker. The issue was there two years ago, but it’s absolutely not possible to take control [now],” he said.

Kempf also said that his team at VLC were not able to replicate the exploit in the latest version of VLC.

CERT-Bund has since downgraded the level of the exploit to “low,” but still maintains that the issue impacts VLC’s most recent version.

Now read: New Windows 10 start menu leaked

Latest news

Partner Content

Show comments

Recommended

Share this article
There is no security issue in VLC – VideoLAN president