VLC download site marked as malware by Microsoft


When I saw the news, I was clicking all the links to see why one of my favourite media players was being targeted by Microsoft’s Bing. The good news is that it’s not really true that the VLC Media Player is malware. However, caution is definitely suggested if you use it. Read on to find out more…

Microsoft marks VLC download site as malware

The problem is not VLC, well, not exactly anyway. It would be more accurate to say that the problem is InPage. If you are unaware, InPage is a “word processor software for specific languages like Urdu, Persian, Pashto, and Arabic”. Of course, this is not the entire story.

Who’s to blame?

Firstly, InPage is certainly part of the problem, as it has a known vulnerability that can be exploited by hackers. VLC also has a problem, but only in an outdated version of the player. The two programs are used in tandem to perform the hack.


How did it happen?

I’ll let the Office 365 Research and Response team take over here. Here is how they described the process happening:

  • Spear-phishing email with a malicious InPage document with the file name hafeez saeed speech on 22nd April.inp was sent to the intended victims
  • The malicious document, which contained exploit code for CVE-2017-12824, a buffer-overflow vulnerability in InPage, dropped a legitimate but outdated version of VLC media player that is vulnerable to DLL hijacking
  • The side-loaded malicious DLL called back to a command-and-control (C&C) site, which triggered the download and execution of the final malware encoded in a JPEG file format
  • The final malware allowed attackers to remotely execute arbitrary command on the compromised machine.
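
A defender-side illustration of the side-loading step in the chain above, added here and not taken from Microsoft's write-up or from this article: it scans image-load events (field names modelled on Sysmon Event ID 7) for a `vlc.exe` that loads a DLL without a valid signature from its own folder, and marks whether the player is running outside its install directory. The install paths, the event records and the `placeholder.dll` name are constructed assumptions.

```python
import ntpath  # Windows path rules regardless of the analysis host's OS

# Assumption: default VLC install directories; adjust for your environment.
EXPECTED_DIRS = {
    ntpath.normcase(r"C:\Program Files\VideoLAN\VLC"),
    ntpath.normcase(r"C:\Program Files (x86)\VideoLAN\VLC"),
}

def find_sideload_candidates(events, exe_name="vlc.exe"):
    """Return image-load events where exe_name loads a DLL lacking a valid
    signature from the executable's own directory."""
    hits = []
    for ev in events:
        image = ntpath.normcase(ev["Image"])
        loaded = ntpath.normcase(ev["ImageLoaded"])
        if ntpath.basename(image) != exe_name:
            continue
        exe_dir = ntpath.dirname(image)
        if ntpath.dirname(loaded) != exe_dir:
            continue  # e.g. system DLLs loaded from System32
        if ev.get("SignatureStatus") == "Valid":
            continue
        hits.append({
            "image": ev["Image"],
            "dll": ev["ImageLoaded"],
            # A media player copied to a user-writable path raises severity.
            "relocated": exe_dir not in EXPECTED_DIRS,
        })
    return hits

# Constructed sample events (not real telemetry; DLL names are placeholders).
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\VideoLAN\VLC\vlc.exe",
     "ImageLoaded": r"C:\Program Files\VideoLAN\VLC\libvlc.dll",
     "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\user1\AppData\Local\Temp\vlc.exe",
     "ImageLoaded": r"C:\Users\user1\AppData\Local\Temp\placeholder.dll",
     "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\user1\AppData\Local\Temp\vlc.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "SignatureStatus": "Valid"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Windows\System32\placeholder.dll",
     "SignatureStatus": "Unavailable"},
]

if __name__ == "__main__":
    for hit in find_sideload_candidates(SAMPLE_EVENTS):
        print(hit)
```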


Is this fair?

As far as I can work out, the vulnerability in the VLC Media Player no longer exists. Well, it exists but not on the VLC website itself. It appears to me that Microsoft is punishing the VideoLAN project for a vulnerability in an outdated version of its media player.

VideoLAN said on Twitter that they had no idea how to fix the issue, and I can see what they mean. While the original vulnerability was obviously a mistake, the media player had been fixed for a long time. How is VideoLAN meant to fix the dodgy versions of its software floating around the internet being used for nefarious activities?

It would seem to me that since InPage is also at fault, and the primary resource for the hack, it should fix its vulnerability. Then, it wouldn’t matter about the old versions of VLC.

Still, the important thing is that Microsoft holds itself up to the same high standards that it is holding other companies up to, so that’s good news.

Feel free to comment about this story in the box below. It’s what it’s there for.
