Plex has sounded the alarm for its users to urgently patch their media servers due to a newly identified security vulnerability. This crucial update affects specific versions of Plex Media Server, particularly from 1.41.7.x to 1.42.0.x.

Just days after rolling out security fixes, Plex reached out to users on Thursday, emphasizing the importance of updating their software without delay. The company has yet to assign a CVE-ID to the vulnerability but has conveyed that it was flagged through its bug bounty program, thanks to a vigilant user.

In a direct email to affected users, Plex stated, "You're receiving this notice because we have identified that your Plex Media Server is running an outdated version. We strongly recommend updating to the latest version immediately to enhance your security." The version 1.42.1.10060 is now available for download from the server management or official downloads page.

While Plex remains tight-lipped about the specifics of the flaw, the urgency of their communication suggests a serious threat. Experts warn users to heed the call for updates before malicious actors can reverse-engineer the patches and exploit the vulnerability.

This isn't the first instance Plex has faced critical security issues; however, it is notable for being one of the few times the company has proactively informed customers about a specific vulnerability.

Looking back, in March 2023, the Cybersecurity and Infrastructure Security Agency (CISA) tagged an older remote code execution vulnerability in Plex Media Server—CVE-2020-5741—as actively exploited. This vulnerability previously allowed attackers to run malicious code on servers, raising significant alarm.

While details on specific attacks exploiting this flaw remain scarce, they may be tied to a broader security concern involving LastPass, where hackers leveraged vulnerabilities in third-party software to gain access to sensitive systems.

Users are urged to act quickly: ensure your Plex Media Server is updated to guard against emerging threats and maintain your digital safety!