If there is a piece of software that belongs in the Internet Hall of Fame, it is VLC Media Player. The orange traffic cone symbol is everywhere. It plays everything. It never complains. It expects nothing in return. But being the world’s most widely used media player makes you an enormous target. Attackers love to hit widely deployed software, and the VideoLAN team (the non-profit volunteers who create VLC) has released version 3.0.22, which fixes some rather nasty holes.
This isn’t an eye-popping update with neon buttons or digital assistants. It is a ‘plumbing and foundation’ update, the kind that prevents your digital house from flooding. If you have VLC installed — and statistically, you likely do — it’s time to hit that update button today.
The Buffer Overflow Nasty
The headline fix in this release mitigates ‘buffer overflow’ vulnerabilities. To put this another way, if you think of a bucket (the buffer) that the software uses to hold data while it plays a video. A hacker can create a video file that dumps way more water in that bucket than it can hold. When that overflows, the water (data) spills into parts of the computer’s memory where it shouldn’t be. This can then be used to crash the program, or, in worst-case scenarios, let the hacker run their own commands on your machine.
These vulnerabilities were rated as high-severity. That means you may have broken your system by simply downloading and opening a movie file from a rogue website. Version 3.0.22 reinforces the bucket. It adds guards to ensure that, regardless of the amount of data a given file tries to push, memory boundaries are honoured. It’s unsexy work, but it’s important work.
A Treat for AMD Users
But it’s not all doom-and-gloom security talk. This update adds official support for AMD’s Frame Rate Doubler technology for Windows 10 and 11 users with AMD graphics cards, bringing buttery-smooth performance.
(General rule: Movies are shot in 24 frames per second. This gives them that cinematic look, although on modern high-refresh-rate monitors (often running at 144Hz or above), some fast panning shots may seem a little stuttery or ‘juddery’ at 24fps. Frame Rate Doubler uses the graphics card to interpolate, or guess, what the frames in between the real frames should look like. It auto-increases the frame rate, so it’s incredibly smooth (like a high-end soap opera). In the past, turning this on in VLC required tinkering and hacks. Now, it is baked in. If you have the hardware, your movies are about to look alarmingly real.
The Open Source Hero
It is worth noting that VLC is a volunteer-maintained project. They don’t sell your data; they don’t serve you ads. We achieve updates like 3.0.22 through the community’s commitment. Updating is not merely a defence of your computer; it’s a salute to the folks who keep the traffic cone standing in a world of corporate walled gardens.
