Bad news for users of media players including Kodi, PopcornTime, Stremio, and VLC, as they are being attacked by subtitles, according to the latest information in a new report from Check Point this week. Check Point is considering this to be an extremely important issue as the company suggests that there are about 200 million video players and streamers might be prone to the vulnerability.
The Check Point announcement likely states that this is an “overlooked” and relatively simple attack. Instead relying on the user’s operations to initiate the malicious code like usual attacks before, this attack will make use of the code being initialized when the media player launches subtitles in video content. This time it can activate the code itself when users a video which makes use of subtitles and even anti-virus and other security-driven software will be overlooked by such files due to their generally innocuous nature.
In terms of the effects, Check Point says that once the code has been initiated, they will potentially have the ability to completely take over the device. Check Point also notes that the damage the attacker can cause is endless, so it is an absolutely important and possibly detrimental issue for devices prone to the issue. While Check Point has listed the name of some media like Kodi and VLC due to their large number of users, they also notice that the number of media players affected will increase. However, the announcement does also detail the next media player entities suffered with the issue. Kodi, Stremio, and VLC have already released an official fix that users can download it from their respective websites. However, according to the announcement of PopcornTime, a fix has been created, but it has yet to be made available to download.