VLC 2.2.4 (current version here) has a serious bug that allows complete device takeover. This has been known by VLC for months, and a preliminary fix was included in v2.2.5.1 release back in January 2017. Why has the portable version here not been updated? If we users are to rely on the software offered here, it would be nice to be able to have confidence that security problems are addressed in a timely manner.
I expect the developers here to pay attention to SERIOUS bugs.
Reference the VLC site and Torrent Freak at https://torrentfreak.com/malicious-subtitles-threaten-kodi-vlc-and-popco...
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
There is a thread called Outdated Official Apps here, where you could easily post information on updates.
Please note, that all developers here at PortableApps.com work on apps in their spare time. Sometimes updates are missed and we rely on community members like yourself to remind us. Feel free to help us and do some monitoring.
I've updated VLC Portable to 2.2.5.1, pushed to mirrors, and pushed to platform users.
In the future, please let us know in the Outdated App thread linked above when an app is out of date. If there is a security vulnerability being patched, please let us know that as well. We generally have apps with security apps updated within a few hours as they get priority. I didn't realize there was a security vulnerability in this update of VLC so it hadn't been marked as priority.
Also, for clarification, VLC 2.2.5.1 was released on May 12, not in January.
Sometimes, the impossible can become possible, if you're awesome!