Kodi 17.2 rolling out with important security fix

If you're using Kodi on your Windows machine then there's an update rolling out that you need to know about. Version 17.2 doesn't add any new features but it does come with some important fixes, including one for a potential security flaw.

From the official Kodi blog:

You may have read in the news that malicious subtitle zip files could potentially infect and harm your media player including Kodi. When Check Point researchers uncovered this flaw they contact us up front to let us know about this flaw. Our developers fixed this security gap and have added the fix to this v17.2 release.

Older versions won't be getting this patch so the developers are strongly urging Kodi users to make sure they take the latest update. Other things of note in version 17.2:

  • Fix selection after channelgroup switching in PVR guide window
  • Fix handling of gaps that caused eradic behaviour in EPG grid
  • Allow backing out of fullscreen pictures by mapping longpress guesture
  • Quick fix for wake up command not being called in PVR power management
  • Use alternative method to check if platform updates have been installed on Windows
  • Fix possible security flaw in which abused .zip files try to traverse to a parent directory
  • Use the correct ttc font from the video file for subtitles on Windows
  • Detect and delete zero-byte database files which cause crashes

The update is currently pending in the Windows Store for release, but if you're not using this version you'll find it ready to go already on the Kodi downloads page.

Download Kodi from the Windows Store

Richard Devine
Managing Editor - Tech, Reviews

Richard Devine is a Managing Editor at Windows Central with over a decade of experience. A former Project Manager and long-term tech addict, he joined Mobile Nations in 2011 and has been found on Android Central and iMore as well as Windows Central. Currently, you'll find him steering the site's coverage of all manner of PC hardware and reviews. Find him on Mastodon at mstdn.social/@richdevine