Vulnerability in VLC media player enables remote code execution

Didier Stevens of the Internal Storm Center reports that for several Windows versions, the update server incorrectly reports that no new version is available, leaving users with a vulnerable version. A new version of the popular media player VLC media player has been released that fixes several vulnerabilities, including a security vulnerability that enables remote code execution. Users can also download the latest version themselves at VideoLAN.org.