Plex Users Urged To Update Media Server After Security Flaw Exposed (nerds.xyz)
(Thursday August 14, 2025 @11:30PM (BeauHD)
from the PSA dept.)
- Reference: 0178678160
- News link: https://it.slashdot.org/story/25/08/14/236202/plex-users-urged-to-update-media-server-after-security-flaw-exposed
- Source link: https://nerds.xyz/2025/08/plex-update-security-flaw/
[1]BrianFagioli shares a report from NERDS.xyz:
> If you run Plex Media Server, it's time to drop everything and update. The company has [2]quietly patched a security issue that affects recent versions of its software, and users are being [3]told to upgrade as soon as possible . According to an email Plex sent to affected customers, versions 1.41.7.x through 1.42.0.x are vulnerable. The newly released build, 1.42.1.10060 or later, contains the fix. Plex says the flaw was found through its bug bounty program, but sadly, it has not publicly shared details about how severe the issue is or whether it could be exploited remotely.
[1] https://slashdot.org/~BrianFagioli
[2] https://www.plex.tv/media-server-downloads/
[3] https://nerds.xyz/2025/08/plex-update-security-flaw/
> If you run Plex Media Server, it's time to drop everything and update. The company has [2]quietly patched a security issue that affects recent versions of its software, and users are being [3]told to upgrade as soon as possible . According to an email Plex sent to affected customers, versions 1.41.7.x through 1.42.0.x are vulnerable. The newly released build, 1.42.1.10060 or later, contains the fix. Plex says the flaw was found through its bug bounty program, but sadly, it has not publicly shared details about how severe the issue is or whether it could be exploited remotely.
[1] https://slashdot.org/~BrianFagioli
[2] https://www.plex.tv/media-server-downloads/
[3] https://nerds.xyz/2025/08/plex-update-security-flaw/
quietly patched? (Score:2)
by Vomitgod ( 6659552 )
How was it quietly patched, when everyone running an outdated server, received an email?
That is the opposite of quiet.
Re: (Score:2)
by Vomitgod ( 6659552 )
[1]https://gifyu.com/image/bNRbh [gifyu.com]
[1] https://gifyu.com/image/bNRbh
Re: (Score:2)
by SeaFox ( 739806 )
I think the point is they patched it and released a fixed version prior to the venerability becoming public knowledge, instead of users discovering the issue being exploited and then having to wait for a solution from the vendor.
Patched (Score:1)
by spacegraysurfer ( 10268204 )
Patched, life moves on, next?
Think I'll stay where I am, thanks. (Score:3)
There have been multiple bugs that have cropped up in the 1.41.7.x betas through 1.41.9, and I'm not positive they have all been fixed now. I think I'll continue with 1.41.6.9685 for now, since that would pre-date the venerable versions.