I’ve been using VLC for years now and it’s the best player available today. But it appears that users are at risk due to a harmful string of code lurking subtitle files. VLC has a buffer overflow flaw and hackers are taking advantage of that. A new version of VLC came out late last month, but apparently the flaw wasn’t fixed then. Uh oh.