Consumers need to take action immediately to uninstall a once-popular application and plug-in on their systems. QuickTime for Windows, an Apple product, needs to be removed from consumer computers as a result of some key vulnerabilities the product creates. Consumers should follow Apple’s guidance, which is to remove the QuickTime for Windows program as soon as possible from all systems. It’s important to note that the QuickTime for Mc product is not at risk and does not require uninstalling.
Why Is Uninstalling QuickTime for Windows So Important?
Apple announced that it will be deprecating QuickTime for Microsoft Windows recently. This means the company will no longer be providing users of the tool with any updates or security changes. The company directly indicated that anyone still using it simply remove it. This lack of security and updates is risky for any user.
A second area of concern focuses on two risks that users can be exposed to as a direct result of using the QuickTime for Windows product. To advisories, ZDI-16-241 and ZDI-16-242 are of key concern here. Specifically, these are two new vulnerabilities that many consumers are now exposed to. These critical-level vulnerabilities impact QuickTime for Windows users. Trend Micro stated that these advisories are in accordance with The Zero Day Initiative. The organization issues these warnings to consumers when a company, in this case Apple, does not provide a patch or security repair to an application when there is a known vulnerability present.
The Zero Day Initiative details can be found here:
- http://zerodayinitiative.com/advisories/ZDI-16-241/
- http://zerodayinitiative.com/advisories/ZDI-16-242/
Apple will not be patching to repair the risk of these threats because the company has said it will not make any security updates moving forward for the QuickTime for Windows product. In other words – there is no repair available and the risks will only worsen from here. Individuals with QuickTime for Windows on their computers should immediately remove the product as a result.
There are several other examples of software that has not been updated (and will not) by manufacturers, exposing current users of those products to risks. This include Microsoft Windows XP as well as Oracle Java 6. If you have any of these products in use or on your device, it is very important to remove them to protect from risk.
What Are the Risks?
No reported attacks are ongoing at this point. However, some consumers may have received some protection from filters. For example, TippingPoint customers have filters 21918 and 21919 in place (and have since November) to protect against QuickTime for Windows vulnerabilities. However, even with filters in place, it is always best for consumers to simply remove the problematic, no-longer-needed product instead. It is the only way to completely protect against both current as well as any future vulnerabilities related to the product itself.
Specifically, both vulnerabilities are heap corruption remote code execution risks. One occurs and allows attackers to write data outside of the allocated heap buffer. The second risk occurs in the stco atom, which provides an invalid index allowing for data to be written outside of the allocated heap buffer.
Most users who have QuickTime for Windows installed will notice no difference in removing the product. It takes only minutes to uninstall the product as well. And, because these vulnerabilities would execute code in the security context, it’s essential to remove the product altogether to prevent a malicious file to exploit them.
Compunet InfoTech is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (604) 986-8170 or send us an email at info@compunet.ca for more information.