VLC 2.2.4 (current version here) has a serious bug that allows complete device takeover. This has been known by VLC for months, and a preliminary fix was included in v184.108.40.206 release back in January 2017. Why has the portable version here not been updated? If we users are to rely on the software offered here, it would be nice to be able to have confidence that security problems are addressed in a timely manner.
I expect the developers here to pay attention to SERIOUS bugs.
Reference the VLC site and Torrent Freak at https://torrentfreak.com/malicious-subtitles-threaten-kodi-vlc-and-popco...
There is a thread called Outdated Official Apps here, where you could easily post information on updates.
Please note, that all developers here at PortableApps.com work on apps in their spare time. Sometimes updates are missed and we rely on community members like yourself to remind us. Feel free to help us and do some monitoring.
I've updated VLC Portable to 220.127.116.11, pushed to mirrors, and pushed to platform users.
In the future, please let us know in the Outdated App thread linked above when an app is out of date. If there is a security vulnerability being patched, please let us know that as well. We generally have apps with security apps updated within a few hours as they get priority. I didn't realize there was a security vulnerability in this update of VLC so it hadn't been marked as priority.
Also, for clarification, VLC 18.104.22.168 was released on May 12, not in January.
Sometimes, the impossible can become possible, if you're awesome!