If you have QuickTime video player on your Windows PC, please uninstall it to protect your PC from risk of cyber-attacks.
According to the cyber security firm Trend Micro, QuickTime for Windows has two critical vulnerabilities that puts users at risk of attack. In April 2016, Trend Micro published two security advisories ZDI-16-241 and ZDI-16-242 in their Zero Day Initiative mentioning about the critical vulnerabilities that affects the software. Both vulnerabilities could allow remote attackers to take control of computer by disguising and misleading users to visit malicious pages or running a malicious files.
Apple stated that the vulnerabilities will not be patched and Apple will no longer support the said software on the Windows platform. Apple has published instructions to remove QuickTime for Windows. (Note that QuickTime on Mac OSX is not affected.)
In order to prevent security threats caused by the flaws, in the month of May, ICTO has taken automated steps to remove of QuickTime for Windows on all computers provided by ICTO.
If you have QuickTime for Windows in your personal computers, we recommend you to follow the steps below to uninstall it:
- Click on the “Start” button.
- Open “Control Panel”.
- Choose “Programs and Features”.
- Find QuickTime in the list of programs, and select “Uninstall”.
- Choose “Remove“.
For more information about the security vulnerabilities associated with QuickTime, please visit the following links:
- Trend Micro – Urgent Call to Action: Uninstall QuickTime for Windows Today
- Zero Day Initiative Advisory ZDI 16-241: Apple QuickTime moov Atom Heap Corruption Remote Code Execution Vulnerability
- Zero Day Initiative Advisory ZDI 16-242: Apple QuickTime Atom Processing Heap Corruption Remote Code Execution Vulnerability