VLC — Popular VideoLAN Media Player

— Popular VideoLAN Media Player Kodi (XBMC) — Open-Source Media Software

— Open-Source Media Software Popcorn Time — Software to watch Movies and TV shows instantly

— Software to watch Movies and TV shows instantly Stremio — Video Streaming App for Videos, Movies, TV series and TV channels

Proof-of-Concept Video

How to Protect Your Computer from Hackers?

Do you watch movies with subtitles?Just last night, I wanted to watch a French movie, so I searched for English subtitles and downloaded it to my computer.Though that film was excellent, this morning a new research from Checkpoint scared me.I was unaware that a little subtitle file could hand over full control of my computer to hackers, while I was enjoying the movie.Yes, you heard that right.A team of researchers at Check Point has discovered vulnerabilities in four of the most popular media player applications, which can be exploited by hackers to hijack "" with malicious codes inserted into the subtitle files." he added.These four vulnerable media players (mentioned below) have been downloaded more than 220 million times:The vulnerabilities reside in the way various media players process subtitle files and if exploited successfully, could put hundreds of millions of users at risk of getting hacked.As soon as the media player parses those malicious subtitle files before displaying the actual subtitles on your screen, the hackers are granted full control of your computer or Smart TV on which you ran those files.In the above video, the researchers demonstrated that how a maliciously crafted subtitle file for a movie added to Popcorn Time media player can hijack a Windows PC. On the right-hand side of the screen, an attacker, running Kali Linux, gained the remote access of the system as soon as the victim added the subtitle file.Since text-based subtitles for movies and TV shows are created by writers and then uploaded to Internet stores, like OpenSubtitles and SubDB, hackers could also craft malicious text files for same TV shows and movies." CheckPoint researchers said.The researchers believe that similar security vulnerabilities also exist in other streaming media players.Check Point has already informed the developers of VLC, Kodi, Popcorn Time and Stremio applications about the recently discovered vulnerabilities." the researchers said.All of them have patched the flaws, with Stremio and VLC releasing the patched versions of their software: Stremi 4.0 and VLC 2.2.5 that has been out for two weeks.However, Kodi developer Martijn Kaijser said the official version 17.2 release would arrive later this week, while users could get a fixed version online. A patch for Popcorn Time is also available online.So, users are advised to update their media player as soon as possible.