[vlc] Malicious code in MP3 files: will VLC execute them?

[Dotan Cohen]

On Fri, Jun 24, 2011 at 14:27, Arioch <the_Arioch at nm.ru> wrote:
> Never heard of virus inside plain mp3.

>From a google search it does seem that there have been mp3 exploits in the past.


> While i personally had Windows Media Player downloading and installing virus
> when playing wma/wmv
> Microsoft told it was needed for DRM and it is okay for them to do.
>

I know that Windows Media Player will happily download codecs from
wherever the wma file points it to. That was probably the issue.


> However, there are a lot of wrongly names files, i met a lot of ASF/WMV
> files with .AVI extension and WAV-MP# with .MP# extensions, so checking with
> http://MediaInfo.sf.net 1st whether file format is really mp3 would worth a
> try.
>

Thanks. I can also run the linux command "file" on them.


>> auto-garbage loading executable code from the drive. Should I run it
>> through ClamAV on the Linux computer first? That is a hassle as the
>
> No, any antiirus is catching yesterday snow. New viri would go beyond it.
>

I see.


> If you really so afraid then
>
> 1) use safe browser like Opera and teach wife to safe habits

This she knows!


> 2) install www.SandBoxie.com and teach wife to run all internet-related
> programs including VLC on internet mp3's via SandBoxie

Nice, thanks. I have heard of this in passing, it looks great.

> 2.1) if it is not enough - SB would probably protect from infections but
> would probably let private data sniffed and uploaded in SirCam way - install
> VirtualBox/VMLite with Linux and teacj her to sure inet an listen music in
> virtual test-glass. You can configure it to revert all virtual-HDD changes
> on shut-down as an extra measure of safety, after setting browser to keep
> notes/bookmarks/passwords/etc in the cloud.
>

This is a good idea, thanks. I am familiar with VirtualBox.

Have a peaceful weekend.


-- 
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com