plugin check incorrectly reporting vulnerable plugin
VLC Web PluginVLC media player Web Plugin 2.1.3 is vulnerable and invites me to go to vlc website to download 2.1.5. I did this a few days ago and have 2.1.5 installed but the plugin check keeps thinking i am still on 2.1.3. and is still telling me to update a vulnerable plugin
Mafitar da aka zaɓa
All seems to be fixed now with the latest versions of vlc and flash. thanks ...
Karanta wannan amsa a matsayinta 👍 0All Replies (9)
The problem is, the checker thinks that version 12.53.3r <example> is the current version. So even if you show up with a newer version, it will flag it as out of date, until someone updates its data.
In the past, VLC has packaged the unmodified previous version of the plugin with a new release of the stand-alone player, without updating the version number in the plugin itself. When that happens, the plugin checker is impossible to satisfy because it assumes that the plugin will have the same new version number. I haven't checked VLC's site/forum, but I imagine this would come up there if it has happened again.
I guess the easy way is just don't do anything till next update.
I can confirm that the version of npvlc.dll is still at 2.1.3 even though I am running VLC 2.1.5.
richlaughlin said
VLC Web PluginVLC media player Web Plugin 2.1.3 is vulnerable and invites me to go to vlc website to download 2.1.5. I did this a few days ago and have 2.1.5 installed but the plugin check keeps thinking i am still on 2.1.3. and is still telling me to update a vulnerable plugin
Honestly I'd be more concerned from a security aspect if I was running WinXP . I've got an old PC which I took off line after the final update patch from MS. Why not try Ubuntu, I have a spare PC running it, though our main ones are running Win7x64 - Office2010 Pro Plus until Windows10 has been fully run from Beta. It's looking positive if for once Redmond does not rush to launch before its Kosher.
Over 2 months later and the plugin check is still displaying the wrong information. If VLC don't want to change the field that the plugin is looking at, then i guess the plugin needs to find one that says the correct one.
It's now being listed under unknown plugins. I don't think that's correct either as the videolan website hasn't changed, the link is still here http://www.videolan.org/index.html
Now getting the same issue with Adobe Flash PlayerShockwave Flash 16.0 r0.
Plugin check reporting vulnerable 16.0.0.257. Link takes me to download and install Version 16.0.0.287
I've downloaded and installed it twice, closed and opened firefox but ot still says i have the vulnerable version.
Zaɓi Mafita
All seems to be fixed now with the latest versions of vlc and flash. thanks ...