Apple

Users told to uninstall unsecured Apple QuickTime from Windows PCs

Security experts and a US government agency are advising Microsoft Windows users to immediately uninstall Apple’s media player QuickTime from their PCs.

Apple is no longer providing security updates for QuickTime for Windows, leaving the PC version vulnerable to exploitation.

Uninstall Warning

Security firm Trend Micro has discovered two new bugs in the software that could be used to launch attacks on PCs if users visit a malicious web page or open a malicious file. And because Apple has decided not to patch the Windows version, the only sensible advice was to uninstall the software.

We’re putting the word out that everyone should follow Apple’s guidance and uninstall QuickTime for Windows as soon as possible,” blogged Trend Micro. “This is for two reasons. First, Apple is deprecating QuickTime for Microsoft Windows. They will no longer be issuing security updates for the product on the Windows Platform and recommend users uninstall it.”

Second, our Zero Day Initiative has just released two advisories detailing two new, critical vulnerabilities affecting QuickTime for Windows,” wrote Trend. “These advisories are being released in accordance with the Zero Day Initiative’s Disclosure Policy for when a vendor does not issue a security patch for a disclosed vulnerability.

And because Apple is no longer providing security updates for QuickTime on Windows, these vulnerabilities are never going to be patched.”

The security vendor said it was not aware yet of any active attacks using these flaws.

It should be noted that Apple is still maintaining QuickTime on Mac OS machines.

The advice to uninstall QuickTime from Windows PCs was quickly echoed by the US Department of Homeland Security’s US Computer Emergency Readiness Team, or US-CERT.

Exploitation of QuickTime for Windows vulnerabilities could allow remote attackers to take control of affected systems,” it warned. “The only mitigation available is to uninstall QuickTime for Windows.”

Irresponsible Move?

The decision by Apple not to provide any more security updates for QuickTime is puzzling.

The iPad maker has made no official announcement that it is retiring the PC version, which has been in existence for approximately 20 years, which means there should be a sizeable number of PC users affected by the decision.

Indeed, the only announcement of a decision to kill off the product came when Trend notified Apple that it had discovered the two flaws, and Apple told it that it was “deprecating QuickTime for Microsoft Windows.”

Antony Savvas

York, UK-based Antony Savvas has been a technology journalist for 25 years and has expertise in all major areas of enterprise and consumer IT. He has worked for a number of leading technology magazines and websites and his work is syndicated across the internet. He also undertakes corporate work for some of the world's leading technology companies.

Share
Published by
Antony Savvas

Recent Posts

Flashpoint enters new chapter with global partner programme

Security vendor Flashpoint debuts partner programme following $28m funding

7 years ago

Channel partner “disconnect” hindering growth

Complex buying journeys and sprawling partner networks hampering customer experience, says Accenture

7 years ago

Cyxtera launches global channel partner programme

Datacentre provider Cyxtera says launch is “milestone in our go-to-market strategy”

7 years ago

US IT provider brings mainframe services to UK

Ensono highlights importance of mainframes still to major industries

7 years ago

VASCO and Nuvias expand distribution across EMEA

Security vendor VASCO looks to replicate UK and German set up across EMEA

7 years ago

Splunk says channel investments driving growth

Splunk details investment in Partner+ programme at .conf2017

7 years ago