Hello, welcome to the Wednesday, May 24th, 2017 edition of the Sands and its Storm centers.

Stormcast, my name is Johannes Ulrich, and the day I'm recording from Jacksonville, Florida.

Video players have often been a favorite attack vector for attackers because they're usually

numerous vulnerabilities that can be exploited and of course it's

difficult for the user to always be up to date on patches. The latest such exploit was just made

public by a checkpoint. It does affect a number of different video players.

What they found was that Popcorn, Cody, VLC, also known as VideoLand and Stremio are all

vulnerable to this particular exploit, which actually affects not so much the video files

themselves, but subtitles.

Now the problem here is that you could download these subtitle files in addition to a movie

that you already own.

So if this movie came without subtitles in a particular language that you're interested in,

then you can download these subtitle files later. And of course,

that's how you may pick up one of these corrupt malicious files. Now, Checkpoint did disclose

this vulnerability to the four named products and patches have been released, so better make sure

you are again up to date.

In particular, since these video players had issues with subtitle files before it probably

shouldn't take too long for an attacker to come up with an exploit.

And recent mobile phones have started adding iris scanners as part of their biometric authentication,

in addition to typically fingerprint sensors.

Now, one of the nice things of iris scanners, of course, is that you essentially can get logged into the phone just by looking at it.

Also, iris scanners, of course, work better if you

...