German CERT-Bund researchers say they have found a major security problem on the video player that has been downloaded billions of times worldwide.
Through this problem hackers can gain access to user devices. Though it is not yet exploited by hackers, it poses a growing threat to software users.
According to CERT-Bund, the problem activates remote code execution (RCE), unauthorized modification and data discovery. Known as CVE-2019-13615, the security issue is present in the latest versions of VLC Media Player 220.127.116.11 and has received a rating of 9.8 for the risk.
The problem lies in Windows, Linux and UNIX, but not MacOS.
VideoLAN, a nonprofit organization behind VLC Media Player, says it is working to address the problem for at least four weeks.
Not so longer than last month, VideoLAN launched the biggest security update in VLC Media Player history. The update contained 33 problems addressed, two critical, 21 average and 10 small problems.