VLC 3.0.12 – Solution to Vulnerabilities to Run Malware

VLC Media Player is one of the most used multimedia players in the world, one of the essential programs on any PC. With it we can reproduce practically any video in any format on our computer without having any problem with the codecs. Such a popular program is certainly a very interesting target for hackers. For this reason, when there is a new version of it, it is important to install it as soon as possible, especially if it arrives full of corrections as it happens with 3.0.12.

A few hours ago, VideoLAN , responsible for this player, released this new version for all Windows, macOS and Linux users. Despite being a minor update, this one has come with a large number of changes, improvements and, above all, security fixes. An update that we must install as soon as possible.

VLC 3.0.12 - Solution to Vulnerabilities

Changes in VLC Media Player 3.0.12

The new VLC has focused on correcting a series of bugs in this program with which to improve the user experience of all users. These faults were found throughout many of the elements that make up this program, for example, in the decoding modules, the audio and video outputs and in the interface itself.

Some of the most interesting changes that we find in the program are:

  • New RIST access module.
  • Solution to sound distortion.
  • Much more stable Direct3D11 playback.
  • Visual improvements in macOS.
  • Updated translations.
  • Improved YouTube script.

Finally, indicate that this version has already been prepared to work on macOS ARM processors.

Security fixes

This new version of the VLC player focuses, above all, on correcting a series of vulnerabilities reported by the NSFOCUS security team . The two types of security flaws that we will find are, on the one hand, buffer overflow, and on the other hand, elimination of invalid references. In both cases, these failures can cause the player to crash while we are using it, or the ability to execute remote code on the system.

In order to take advantage of these security flaws, an attacker must create a specially designed video file and trick the victim into running it with this program. Most likely, all crashes will crash the player, but there is a small chance that code execution may occur.

At the moment no exploits have been detected in the network that take advantage of these flaws, although it is not entirely ruled out that they could have been used.

Download or update

This new version of the open source media player is now available to all users. We can download it, free of charge, from its main website . The program, of course, installs without any adware or unwanted software.

If we already have the program installed on the computer, we will see a warning with this new version the next time we open it. And, from this notice, we can proceed to update the player.

VLC 3.0.12

We can also use the “Help” menu to check for new updates to this software.