
Kodi, VLC and other media players are open to malware attack via subtitles



Posted

Do you use Kodi or VLC – pieces of open source streaming software which act as a central media center for all your digital files? Then you need to know about a serious vulnerability affecting these media players (and several others), pertaining to the use of subtitles – although the good news is fixes are already available (but of course, they need to be applied or you’re running some big risks).

Security firm Check Point discovered the flaw in Kodi, VLC, Popcorn Time and Stremio (it may be present in other players, too), which involves maliciously altered subtitle files capable of giving an attacker nothing less than complete control over the target device.

Note that simply watching a film with its own subtitles on one of these media players isn’t a problem at all. The risk comes when using downloaded subtitles which are automatically picked up from various online repositories by some media players when you select the language of subtitles you require.

As Check Point notes, the subtitle repositories are treated as a trusted source by the media playing software, and an attacker can insert their own subtitles loaded with malware into these systems.

Worse still, said attacker can potentially manipulate these databases of subtitles to boost their nefarious creation up the rankings, meaning that it’s much more likely to be served to unwitting users.

And a further dollop of nastiness is the fact that these movie subtitle files are seen as simple text files by antivirus solutions, and are therefore able to fly under the radar of security software.

Media-playing millions

According to Check Point, there are currently no less than 200 million users out there running vulnerable media players.

As mentioned, all the software vendors in question have now fixed the issue, so users need to make sure that their client software is fully up-to-date in order to avoid potential infection.

Kodi’s latest version 17.2 has the fix incorporated, with any previous versions vulnerable to exploit – you can grab the new client here.

VLC has a new and fixed version of its software here, and Stremio offers a fixed client on its website.

Popcorn Time has apparently produced a fixed version, but you can’t yet download it from the official website – although as Check Point observes, there’s a manual download link here which can be used for the time being.

If you’re not running the fully updated versions of these players, obviously you should steer well clear of using downloaded subtitles until you can grab the new clients.

Finally, it’s also worth bearing in mind that other media players could potentially be affected, so a degree of caution might be a good idea on all fronts; and updating to the latest version of whatever you’re using to play movies or music certainly won’t hurt.

Via: Gizmodo

Posted

Wow, knew it was a matter of time. Malwarebytes used to block bad sites/sources. Would pop up when loading sources.

I'm sure some sources you connect to are malicious.

Might be a vulnerability if you connect and you wouldn't know it.

Like visiting a bad site via browser.

Anyone have some security help?

I use:

Kaspersky I.S.

Spybot, SpywareBlaster, host file, Malwarebytes (not now),

only Kaspersky runs in the background.
