The Kodi team have released a security update to version 17 of the media center system. Version 17.2 includes a security patch that fixes an issue with a vulnerability around subtitle zip files. There was a flaw in media players including Kodi that could leave your system open to harm (see this article) and version 17.2 of Kodi fixes this problem.
Also in the update are fixes to the PVR and the EPG:
Fix selection after channelgroup switching in PVR guide window
Fix handling of gaps that caused eradic behaviour in EPG grid
Allow backing out of fullscreen pictures by mapping longpress guesture
Quick fix for wake up command not being called in PVR power management
Use alternative method to check if platform updates have been installed on Windows
Set the minimum version in the code which is currently OSX 10.8
Fix possible security flaw which could abused .zip files which try to traverse to a parent directory
Use the correct ttc font from the video file for subtitles on Windows
Detect and delete zero-byte database files which causes crashes
The update is available directly from Kodi.tv, the Google Play Store or the Windows Store.
More details at kodi.tv