Be careful before you fire up media player software to play that foreign-language movie -- it might be a way for intruders to compromise your system. Check Point researchers have discovered an exploit that uses maliciously crafted subtitles to take control of your device, whether it's a PC, phone or smart TV. It's not picky about the program, either -- the researchers demonstrated the flaw in Kodi, PopcornTime, Stremio and VLC. The technique isn't particularly complicated, and relies on a tendency by developers to assume that subtitles are little more than innocuous text files.
Read more here: https://www.engadget.com/2017/05/24/security-flaw-in-media-player-subtitles/