“From this point on, the attacker can do whatever he wants with the victim’s machine, whether it is a PC, a smart TV, or a mobile device.
“By conducting attacks through subtitles, hackers can take complete control over any device running them,” said the researchers. Compounding this fact is that there are more than 25 different subtitle file types to be exploited. It said that part of the danger was that subtitle files, often downloaded from free repositories, are seen as benign text files that couldn’t possibly be malicious.
VLC and Kodi are two of the programs cited by researchers at CheckPoint, which estimates as many as 200 million PCs, Android smartphones and smart TVs are affected. A vulnerability in how subtitles are delivered to several popular media players could allow an attacker to gain complete control of an affected device simply by creating a dodgy file.
0 kommentar(er)
