Should you uninstall VLC media player or not? Here's what the company has to say about "very serious" security flaw

A 'potentially serious' security flaw discovered by German security agency CERT-Bund has sparked a debate whether you should uninstall VLC media player or not. Its developer VideoLAN has refuted claims about the security flaw, which is widely reported in the news.

VideoLAN has issued a pretty bold and detailed clarification on Twitter saying VLC is not vulnerable. Although the company acknowledged the flaw, it noted that the issue was fixed 16 months ago.

"About the "security issue" on #VLC: VLC is not vulnerable. The issue is in a 3rd party library, called libEBML, which was fixed more than 16 months ago. VLC since version 3.0.3 has the correct version shipped," VideoLAN posted on Twitter.

READ | Media File Jacking Flaw Could Open Up Possibilities For Cyber Criminals To Invade WhatsApp And Telegram Media Files, States New Research

In its subsequent tweets, VLC further denied that the issue even exists and also called out MITRE, vulnerability reporter and a news publication for not reaching out to the company regarding the discovery.

Meanwhile, We have reached out to VLC for more details.

Here's what happened

Earlier, reports had emerged highlighting a 'potentially serious' security flaw in VLC media player for Windows and Linux. According to initial reports, the issue reported would be serious enough to make VLC media player vulnerable to remote code execution via malicious videos.

The alleged security flaw in VLC has been assigned a 9.8 critical score on NIST and a similar warning has also be issued by CERT. In a nutshell, the issue supposedly means that it could use MKV files to compromise VLC.