In yet another recommendation from US Homeland Security and global IT security experts, Trend Micro, users of the popular multimedia player are being encouraged to uninstall QuickTime owing to serious concerns over recently discovered vulnerabilities.
First Java, then Windows XP, now QuickTime. What’s the problem?
These software have long been as staples in the repertoire of any PC based business but it is, perhaps, this very reason that they are proving to be such a target for critical bugs. Two brand new Zero Day Initiative security alerts have been issued which affect QuickTime for Windows (ZDI16241 and ZDI16242) both of which allow the remote execution of code that could be exploited by hackers. It should be noted that there have been no reports of any incidences of these bugs being used maliciously in the wild but, with no patches promised, this may not remain the case for long.
Everything has a shelf life
The advice to uninstall QuickTime is based on the crucial factor that Apple is no longer actively supporting the software on Windows and, as such, will not be providing security updates. The advice does not affect Mac users.
The news won’t come as much of a surprise to most businesses as QuickTime has long been replaced as the de-facto standard for watching videos and which will probably be using newer and more effective programs.
Business users of QuickTime should take action as soon as possible to implement the removal of the program from their networks to avoid potential future exploitation.
The policy to remove programs where security support has been rescinded should be common practice within any robust cyber defense policy and system administrators should regularly monitor the support procedure for all programs in use to ensure that protection against flaws, bugs and vulnerabilities is kept up to date. This is particularly crucial for software that has known issues.
It’s worth noting that software published by Apple is among the least commonly updated software by Windows users.
QuickTime is a common piece of software used within the Windows environment particularly with iTunes but, in the view of the problems identified with security, there is little reason to keep using the program.
The process to uninstall QuickTime is a straightforward one and can be performed simply by opening the Control Panel on your PC and, via the Programs menu, select Uninstall a program. Once you find QuickTime in the list of installed programs, select QuickTime and then click the Uninstall function at the top of the window. You will be asked, via a popup, to confirm that you want to uninstall the software. Simple. If you need further assistance with this then use this video link
We can’t more firmly recommend acting now to avoid the potential vulnerabilities that these bugs can expose but, with up to 10 per cent of worldwide PC users still running Windows XP (which hasn’t been supported for over two years) we know that many businesses can be slow to react to potential risk.
Ultimately the removal of QuickTime will eradicate the current risks and any potential future vulnerabilities but this stalwart of the PC’s arsenal of tools will not be the last to meet its maker as software developers evolve new applications to stay ahead of the game and, in doing so, abandon previously well supported software.