I ask them about the recently detected vulnerability.

[Fabian2101 23]

Hello, I want to notify you that for the moment my Windows operating system server was not affected by the vulnerability, everything works normally. Since I became aware of the serious problem with the vulnerability, I have adopted some measures, first I eliminated all the users who had privileges to administer the server and I created new users to transmit local and remote streaming without a password but without no privilege to manage my server, at the same time I also created a new user with administrator privileges to exclusively manage the server but never use it to stream on the local network, nor remote streaming. Also, for the new exclusive user to administer the server, I configured the option to not allow remote connections to that user, so that user is only accessible from the computer where the server is installed.

For all this that I am explaining to you, I ask you if it is safe for me to use all the users to do local and remote streaming without the privilege of managing my server, and that I have an exclusive user to manage the server with the remote connection disabled and also hidden from all local and remote clients, in this way the exclusive users for streaming can continue working without any password. Since it is very annoying to have to be typing passwords in the local network. Besides, I use the Beta version for windows with the current version 4.8.0.37 and I think that the vulnerability affected the stable version more.

¿Can I safely continue to use all users without exclusive passwords for streaming, but without any privileges to administer the server, and with another unique user exclusive to administer the server with the remote connection disabled, and hidden from all local clients and blunt?

[pwhodges 1833]

That should be OK.

And as you note, the current beta (since 4.8.0.31) does not have the vulnerability, nor does the current (new) stable version 4.7.12.0.  Also, if you use a reverse proxy, that almost certainly blocked the vulnerability before it affected Emby.

Paul