The security firm, Trend Micro has recently issued a statement, asking all Microsoft Windows users to uninstall QuickTime as soon as possible. The US Department of Homeland Security has also endorsed this statement, due to two critical security flaws found in the multimedia program.
Trend Micro’s Zero Day Initiative has released two advisories ZDI-16-241 and ZDI-16-242 detailing the vulnerabilities affecting QuickTime for Windows. These vulnerabilities could become catastrophic as Apple no longer provides security updates for Windows and as the result these vulnerabilities will never be patched.
The company isn’t yet aware of any attacks using these vulnerabilities but potentially these can be used to execute malicious code on a target computer and gain access to sensitive user data.
QuickTime for Windows now joins Microsoft Windows XP and Oracle Java 6 as software that is no longer being updated to fix vulnerabilities and subject to ever increasing risk as more and more unpatched vulnerabilities are found affecting it.