-
Posts
858 -
Joined
Content Type
Forums
Status Updates
Blogs
Events
Gallery
Downloads
Store Home
Everything posted by Skanky Sylveon
-
Apparently in Japanese mythology, it's traditional to have ugly people be grave keepers because they believed that ugly people scared ghosts away.
That's... pretty shallow.
-
When you punch a kangaroo in the face.
-
-
Spoiler
Expensive sex expectations? Does predictive text think you're buying sex??
- Jtalk4456, Gegger and Cyberspirit
- 3
-
-
For anyone who has seen a news article stating that VLC has a serious security issue and you should uninstall it.
https://www.google.com/amp/s/www.howtogeek.com/434487/no-you-dont-need-to-uninstall-vlc/amp/
Here is a description of the vulnerability.
https://nvd.nist.gov/vuln/detail/CVE-2019-13615#vulnCurrentDescriptionTitle
For those of you who don't know what a buffer over read is, here.
https://en.m.wikipedia.org/wiki/Buffer_over-read
In layman's terms, when playing a .mkv file that has been modified properly VLC will read adjacent memory files stored in RAM, this could give an attacker information such as login information and whatnot.
While bad, the required act of having to play an .mkv file altered specifically for this makes the threat quite a bit lower, just use some common sense.
Also, keep in mind that even if this is performed, there is no guarantee that an attacker could get useful information, it all depends on how much can accessed.
So no, leaving VLC installed won't magically give hackers a backdoor to your PC, if tech journalists did even the most basic of research they would have known that, but the vast majority of journalists aren't what you would call intelligent.
-
@will4623 Having an application read adjacent memory files stored in RAM could lead to someone hijacking your PC, as they could gain access to login keys, personal information could also easily be leaked.
A hypothetical example is if you were writing an email then loaded an affected .mkv file, your browser and thus your email login information would be stored in RAM at the time and if they read the correct memory addresses they could get access to that information.
-
@will4623 I would imagine so, I'm not the biggest expert on cyber security though.
There would need to be a hijacker of some sort, not sure if that could be built into the .mkv file.