Security News > 2021 > May > VLC Media Player 3.0.14 fixes broken Windows automatic updater
VideoLan has released VLC Media Player 3.0.14 to fix an issue affecting Window users and causing the software's auto-updater not to launch the new version's installer automatically.
"VLC users on Windows might encounter issues when trying to auto update VLC from version 3.0.12 and 3.0.13," VideoLan explained.
This issue is caused by a bug introduced in the automatic updater code of VLC 3.0.12 and fixed with the release of VLC 3.0.14.
VideoLan has also addressed multiple remote code execution vulnerabilities in VLC Media Player 3.0.12 that could be used to "Trigger either a crash of VLC or an arbitrary code execution with the privileges of the target user."
Remote attackers can exploit these security flaws by creating specially crafted media files and tricking the targeted users into opening them with VLC. If you are running VLC 3.0.11 or earlier, you should immediately update to VLC 3.0.14 for Windows or VLC 3.0.13 on macOS and Linux, the latest released versions that include patches for these severe security issues.
Luckily, VLC versions up to and including 3.0.11 do not include the auto-update breaking bug, so they can easily be upgraded to a patched release using the app's built-in automatic update system.