Lost in Translation – Attacked by Movie Subtitles

by Josh Harriman

July 18, 2017


Do you like watching movies with popular apps like VLC or Kodi on your devices or SmartTV? How about needing or wanting subtitles with those movies and just getting the latest pack from OpenSubtitles? No problem, sounds like a good evening at home. The problem is, according to research by Check Point, you could be in for a nasty surprise.

For the bad guys to take control of your ‘realm’, they need a vector, some way to gain entry to your system. There are some typical ways that happens these days, such as clever (and not so clever) social engineering tricks: you get a spoofed email that appears to come from a friend or co-worker and open the attachment, or you go to some website, and if the stars align, you are pwned. Usually the star alignment part is not that hard; it only requires that you have some vulnerable software running that can be accessed.

Since the trick is getting users to cooperate, the target audience can sometimes be hard to find. But according to this latest research, quite a few of the major media players have a unique vulnerability when it comes to accessing and decoding subtitle packages. The 4 main media players listed in the article are fixed to date, but as we have seen in the past (just look at the recent SMB v1 vulnerability issue), just because a fix is available doesn’t mean that users are upgrading. The researchers have also declined to show the technical details around the exploit so as to allow other vendors time to patch. That is a good sign and the proper method I believe researchers should take: notify the vendor so they can fix the issue, and announce it publicly so ‘we the people’ are informed and know what to look out for.

It’s hard to keep up with the multiple ways you can get infected, but at least we have researchers who tirelessly try to ‘break’ things to find those vulnerabilities. By following proper disclosure methods, they help everyone enjoy a safer experience with their devices, and in this case, a great night in at the movies.