If you use a media player that supports third-party subtitles you should probably check to see if there’s an update today. Security researchers at Check point identified a vulnerability that allowed malware to be distributed via subtitle files.

The company reached out to the developers of popular media players affected by the vulnerability before disclosing it though, so there are new versions of Kodi, VLC, and other media players available for download today.

According to Check Point PopcornTime and Stremio are also affected. You can find download links for the up-to-date versions of those applications, as well as Kodi and VLC at the Check Point website (I noticed that using the “check for updates” option in VLC on my computer did not automatically download the new build).

In addition to applying the security update, Kodi v17.2 includes other bug fixes affecting PVR, program guide, full screen video playback, and other features.

Check Point notes that part of the problem is that most anti-virus software treats subtitles as text files, which are generally pretty safe. But those text files can be made to execute code when they’re loaded into affected media players, potentially allowing a hacker to take full control of a computer, phone, or smart TV running the software.

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

3 replies on “Attack of the evil subtitles: Update your Kodi, VLC, or other affected media players”

  1. you can see in this video the main difference between windows and linux 🙂

Comments are closed.