The United States Department of Homeland Security recently released a warning urging Windows users to remove QuickTime from their computers. The alert was issued after the release of Trend Micro’s report that stated that the multimedia framework has two serious security flaws that can make a computer vulnerable to hacking and data theft. QuickTime is developed by Apple Inc., and it received popularity for its capability of handling different formats of digital pictures, videos, panoramic images, sound, and interactivity.
Windows users are at risk:
Although QuickTime X is currently available on Mac OS, Apple ceased support for the Windows version of the software long back. That is why the security flaws will never be fixed, which leaves Windows users with no choice but to uninstall the software. According to US-CERT, the National Cybersecurity and Communications Integration Center, computers that are still using QuickTime are more at risk of attacks and data loss. Moreover, the security flaw allows attackers to take complete control of the victim’s computer.
In a recent interview, Christopher Budd, Trend Micro’s global threat communication manager, stated: “We alerted DHS because we felt the situation was broad enough that people having unpatched vulnerabilities on their system needed to be made aware.” Apple still continues to offer QuickTime security update for Apple computers, and it is unclear why the company ended support for the Windows version of the software. However, soon after the warning was issued, Apple posted an article that has step-by-step instructions removing the software from Windows computers.
Thanks to Zero Day Warning:
It was because of Trend Micro’s Zero Day Initiative that we got to learn about the security flaw. Researcher Steven Seeley from Source Incite was the one to find out about the vulnerabilities. Zero Day Initiative then released advisories with details of the critical security issues. Seeley’s name is even mentioned in the warning that was issued by DHS. The two vulnerabilities that were found in the Windows version of QuickTime are:
ZDI-16-241 – This makes it possible for hackers and remote attackers to place arbitrary codes on a vulnerable installation of the QuickTime software. This vulnerability can be easily exploited by the attackers. However, for the attack to be successful, the user will have to visit a malicious webpage or open a malicious file on the computer. This particular flaw was found within the software’s MOOV atom. An attacker can leverage this to execute the virus codes using the context of QuickTime player.
ZDI-16-242 – This vulnerability poses the same risks. The only difference is that this flaw is found within the atom processing of the software. All an attacker has to do is provide an invalid index, which will allow him/her to write data outside or the allocated heap buffer.
As it is mentioned before, Apple will not provide security updates for the Windows version of QuickTime, which is why users need to uninstall the software immediately. Trend Micro revealed that as of April 14, 2016, there have not been any active attacks against the QuickTime vulnerabilities. However, since the news went public, users are more at risk of being exploited. So, users need to take prompt action to prevent such a thing from happening.