eric cartman

VLC Media Player: Fehlalarm?

Recommended Posts

I happened to notice this.  I just tried the same thing in VLC 2.2.5.1.   Does the exploit-blocker take into account the version of VLC one is running?

Share this post


Link to post
Share on other sites

Yes, this alert occurs due to the way VLC creates its subtitles directory. To avoid this alert you can create that folder manually and then run VLC. You'll find that you can then download subtitles without problems.

Create the following folder: C:\Users\<your username>\AppData\Roaming\vlc\lua\extensions\userdata\vlsub

 

Share this post


Link to post
Share on other sites

Elise, thank-you, that worked.  Back to my question though, does the exploit blocker pay attention to which version of a program is to be blocked?

Share this post


Link to post
Share on other sites

Guten Tag, 

 

Da wir uns im deutschen Support Forum befinden hier noch eine Übersetzung von Elsie's Erklärung :

 Sie sagt, dass die Warnung durch die Art und Weise ausgelöst wird, wie vlc seinen Unterordner für Untertitel erstellt. Die Warnung wird nicht mehr angezeigt, wenn der Ordner einmal erstellt ist. 

Von daher würde ich empfehlen den Ordner  C:\Users\<benutzername >\AppData\Roaming\vlc\lua\extensions\userdata\vlsub von Hand zu erstellen. 

 

Mit freundlichen Grüßen 

Kathrin 

 

 

Share this post


Link to post
Share on other sites

Jeremy, no, the exploit protection only looks at the behavior and whether that is suspicious or not.

Share this post


Link to post
Share on other sites

Elise: so, it's not the creation of that sub-folder by some version of VLC that's suspicious, but the way in which that is attempted?  Is that because that (API or whatever) can be used to issue other commands, and/or EIS doesn't see what the command involved is?

 

Share this post


Link to post
Share on other sites

Without going into details, no not the fact that VLC creates this subfolder is suspicious (this is normal and a lot of programs create subfolders for a variety of legitimate reasons). However VLC uses a method to implement this that is considered suspicious because real exploitation might use similar code. This does not mean that the API for example could be used to issue other commands, you just wouldn't expect VLC to use this particular script to accomplish the task (if anything I'd call it sloppy coding/implementation).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.