You are here

[Closed] VLC subtitle vulnerabilty

3 posts / 0 new
Last post
Last seen: 1 year 3 weeks ago
Joined: 2017-03-10 03:00
[Closed] VLC subtitle vulnerabilty

VLC 2.2.4 (current version here) has a serious bug that allows complete device takeover. This has been known by VLC for months, and a preliminary fix was included in v2.2.5.1 release back in January 2017. Why has the portable version here not been updated? If we users are to rely on the software offered here, it would be nice to be able to have confidence that security problems are addressed in a timely manner.

I expect the developers here to pay attention to SERIOUS bugs.
Reference the VLC site and Torrent Freak at

Last seen: 1 day 12 hours ago
Joined: 2010-06-05 17:19
There is a thread called

There is a thread called Outdated Official Apps here, where you could easily post information on updates.
Please note, that all developers here at work on apps in their spare time. Sometimes updates are missed and we rely on community members like yourself to remind us. Feel free to help us and do some monitoring.

John T. Haller
John T. Haller's picture
Last seen: 2 hours 24 min ago
Joined: 2005-11-28 22:21
Updated, Let Us Know In the Future

I've updated VLC Portable to, pushed to mirrors, and pushed to platform users.

In the future, please let us know in the Outdated App thread linked above when an app is out of date. If there is a security vulnerability being patched, please let us know that as well. We generally have apps with security apps updated within a few hours as they get priority. I didn't realize there was a security vulnerability in this update of VLC so it hadn't been marked as priority.

Also, for clarification, VLC was released on May 12, not in January.

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments