![]() This will disable the software's ability to play ASF videos until a patched version of the file is reinstalled during a software update.Ī patch will be included in VLC 2.0.6, the next version of the media player, which is only available for testing purposes at the moment. The plug-ins allow the playback of video files embedded into Web pages.Īn alternative solution is to manually delete the vulnerable libasf_plugin.dll file from the VLC installation directory, VideoLAN said. By default, VLC installs plug-ins for Mozilla Firefox, Internet Explorer, Google Chrome, Apple Safari, Opera and Konqueror. VideoLAN advises users to refrain from opening files from untrusted locations and to disable the VLC browser plug-ins until the issue is patched. The flaw can be exploited by tricking a user into opening a specially crafted ASF file. ![]() ![]() Vulnerability research and management firm Secunia rated the flaw as highly critical and said its successful exploitation could allow the execution of arbitrary code. The vulnerability is located in the VLC component responsible for playing ASF (Advanced Streaming Format) video files, VideoLAN, the non-profit organization that develops the media player, said in a security advisory published on its website. Versions 2.0.5 and earlier of the popular VLC media player software contain a critical vulnerability that can be potentially exploited by attackers to execute malicious code on computers.
0 Comments
Leave a Reply. |