Kodi 17.2 Coming To Fix Malicious Subtitles Issue And More
Kodi 17.2 will soon be available to download to fix malicious subtitles issue among other things. Here are the details on it.
The online streaming of media and content is fast becoming one of the most popular ways for users at home to consume media. New services are being used and experienced on a daily basis by media lovers, including Kodi, Popcorn Time, and VLC, but researchers are now suggesting that users of those platforms could be putting themselves at risk of being compromised by malicious subtitles.
Such is the seriousness of this issue that Kodi developers have come out with a statement that “We will release 17.2 which will have the fix this week”. It may initially seem like a relatively low-key, innocuous problem that wouldn’t have much impact given its niche nature, but research firm Check Point has gone as far as taking the opportunity to describe the attack vector as the most widespread and easily accessed vulnerability of this nature which offers literally no resistance from the user’s end.
Most of those with subtitles are entirely legitimate and above board, but it seems that some individuals creating this content with malicious intent can use that subtitle system to hijack the machine it’s being played on and wreak havoc, and we can only hope and assume that following this revelation, developers of various other media players will soon follow suit in fixing this vulnerability.
An accompanying demonstration video highlights the issue and shows exactly how easy it would be for an attacker to compromise a system should they see the need to. Luckily it seems that the owners and maintainers of various affected platforms, are more than aware of the situation and have already been working behind-the-scenes to fix the vulnerability to ensure that users cannot be affected by this type of attack going forward.
As for Kodi users, version 17.2 should be coming out soon for all supported platforms with a fix for it, and as always, we will keep you updated as and when it rolls out.