The United States Computer Emergency Readiness Team has today issued a new note in which it revealed that Apple has no further plans to provide security updates for QuickTime for Windows. The note follows an earlier report from Trend Micro and comes as two new vulnerabilities have been discovered that could affect QuickTime for Windows users.
The two new vulnerabilities are heap-corruption-based remote code execution vulnerabilities, which essentially means that an attacker could gain access to a user’s computer by tricking them in to downloading a file from the web. While there’s nothing currently taking advantage of this hole, now that it is out in the open, it shouldn’t be too much longer.
While Apple itself has been relatively quiet regarding its plans for QuickTime for Windows, the company reportedly told Trend Micro recently that “the product would be deprecated on Windows and the vendor would publish removal instructions for users.” Apple has yet to officially confirm this on their website, however.
With two new security vulnerabilities having been discovered and Apple having no plans to issue any more updates, the U.S. government says the best way for users to protect themselves is to uninstall QuickTime from their machines:
Apple’s web plugin for QuickTime on Windows became disabled by default earlier this year and the company has never really updated the app to support Windows 8 and Windows 10, so today’s revelation is not an incredibly surprising one. For those wondering, iTunes and QuickTime were separated out a couple of years ago and iTunes no longer requires it to run properly.
Image via BestWinSoft
