Dodgy vids can hijack PCs via VLC security flaw, US, Germany warn. Software's makers not app-y with that claim VLC is said to be once again vulnerable to remote-code execution – meaning a booby-trapped video opened by the software could potentially crash the media player, or joyride it to run malware on the host machine. However, the developers of the open-source application, which has been downloaded literally billions of times and …
Did a quick test. On my system (Win10) VLC uses twice as much memory as MPC (at idle, not playing anything), which does make it sound bloated, but that's 9.9MB vs 4.9MB, which on a modern PC is hardly resource hogging is it? Both used about 80-90MB when playing a video. So, both are pretty light on resources by the standards of the last decade or so (I think I'd have to go back pre-2000 to find a computer that I owned with less than 100MB of RAM).
My original problem with MPC (from back when it came out) was that I never understood why someone would want to clone Windows Media Player from the pre-XP days. Otherwise they're pretty similar on features, but I think I'll stick to the one I'm familiar with.
MPC was for users like me who preferred the older Windows Media Player to the skinned one (I think it was the WIndows ME era it came out).
If I wanted a skinned player I would use Sonique (More for Visualisations) or Winamp (More for the look).
If I wanted just to check clips quickly MPC loaded quickly and meant I could ditch Real Alternative and Quicktime Alternative (I have a feeling they were called something else but can't recall).
These days I use VLC on my machine as it just works with everything (Including old episodes of the original Pure Pwnage Online Series), however I usually watch my videos on a tablet or tv so actually.
I have no issue with either, both do the job but VideoLan is easier to keep up to date (As Media Player Classic stopped updating, went to Media Player Classic Home Cinema, etc...)
*Edit: I am pretty sure the skinned Media Player was in ME as it always crashed if you didn't have more than 128MB of ram, so most users found the "classic" media player still on the drive and ran that instead.
MPC and the derivate MPC-HC have always been lightweight, no-nonsense players which mimiced the original Windows Media Player (well, v6.4) when MS decided to skin WMP in post 6.4 versions, made it more demanding for hardware of the era and just made it less usable.
Back in 2006-2007 Windows Vista brought the DX Video Acceleration 2.0 API which enabled dedicated hardware to decode H.264 and VC-1 - very demanding chore without unless you owned the very latest and greatest Intel C2D CPUs and even then there was a chance of dropping frames in FullHD Bluray playback on PC. At the same timeline ATI&NVidia brought their latest GPU generations which happened to have quite reasonable HD decoding features, called UVD and Purevideo.
MPC-HC was a fork of MPC (or just renamed?) and one of the very first FREE media players to support DXVA2 and thus GPU decoding, around 2007-2008 timeline. VLC took ages to support GPU decoding - v1.1 in 2010 and it was buggy for a long time.
VLC is fine these days, but I still prefer MPC-HC just because I'm used to the UI.
It was one of a few forks after the original MPC stopped being maintained, according to wikipedia by Gabest which I seem to remember.
I must admit I have no issue with the UI, but then again I have no issue with 7Zip's UI when I know people will look at it and glaze over.
@AC - You might might want to revisit MPC-HC website [and it is windows only]
v1.7.13 is released and farewell
July 16, 2017 XhmikosR
v1.7.13, the latest, and probably the last release of our project…
Tested on VBox Guest on Win10 running SokydK [debian stable] .....IT CRASHED VLC latest
On Win10 it did nothing will not play but did not crash.
I have implemented a quick-link to a killall -9 vlc script on my desktop bar to save having to keep a process monitor open to kill it every other video.
Though to be fair, in my case it appears to be the h264/hvec decoder and/or the MP4 container format generated by Eris-and-her-daughters-knows-what encoder, that is actually spitting the dummy, taking VLC zombie with it. Never had an issue with anything converted to x265 in a Matroska container via Handbrake, which is my default action with anything I can process that way before viewing, given the choice. (When oh when will students follow the submission guidelines provided!)
Sounds a bit like an outdated version of MPAC -or whatever else there is installed for .h264/5. The probably most hassle and GUI-free way to watch HVEC/AVC anyway is to install mplayer and just select "open with mplayer" (or doubleclick the video after setting the right default action). Used to work even with Windows and has the advantage of getting told explicitely what there is that exactly causes potential trouble when run from the command line.
This post has been deleted by its author
On Mint, earlier this year I discovered a few hundred GB of Snap installation packs left in one of the obscurer Linux directories.
I removed them and all the applications still ran; but after a short while I removed the Snap installers and the applications which I reinstalled the good old-fashioned way. Hard disk space may be cheap now, but I don't intend to devote a good slice of a 250 GB SSD to files that can't even be bothered to self-destruct after installation.
As for players, I use SMPlayer virtually exclusively. One needs to adjust preferences, but say, easy to allow multiple instances to watch a lot of videos at the same time.
I did have a temporary application a couple of years ago where I was provided with a non-standard format video file intended to be played on three adjacent monitors. With no budget, we borrowed two of the monitors and I built a computer with two video cards (one running two monitors, the other one) from spares, but I couldn't get VLC to go "fullscreen" across all three, nor Mplayer. I tried splitting the video into three normal-shaped parts and running them in three separate instances of VLC with no luck whatsoever. Mplayer came much closer to working, but in the end the best solution, and one I kicked myself over when I realised, was to tell KDE that when I said "fullscreen" I meant all three screens together. VLC still wasn't entirely happy (never did track that down) but Mplayer worked just fine.
I am also playing with a user-interactive which would show four or maybe six looping "thumbnail" videos and cause the full video to play when a user touches a thumbnail. Believe it or not, even a Raspberry Pi 2 can play three or four videos simultaneously from the SD card when using the incredible omxplayer.
M.
I merely got an error like this:
[00007f5b20c156e0] avformat demux error: Could not open /home/ff/heap-over-flow.mp4: Unknown error 1094995529
Further, the same vlc window was responsive (for example I was able to open some *other* video file and ask it to play it, and it did).
On my Linux mint box VLC did NOT crash or even throw any error when i tried to play the heap-over-flow.mp4, just nothing showed inside the player. And I was able to play other videos after trying to play it so it appears VLC was not effected by the heap over flow bug in my case.
So its clearly not an open and shut case of it will crash every VLC version on every OS
(to be clear, it looks like Shaun or the editorial team updated the article just as I posted the above comment, which was within the hour of VLC tweeting it - not bad, El Reg, not bad.
Could be a juicy little story about the lackadaisical attitude of Mitre and Certbund in there as well...)
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
