The Department of Homeland Security has issued an alert recommending that any QuickTime for Windows users immediately uninstall the program due to potential security risks. And Apple – who has confirmed that they are no longer updating or supporting QuickTime for Windows – is issuing the very same advice. While QuickTime for Windows hasn’t been essential for running iTunes (the primary reason that it was installed on Windows systems) or serving up web video for at least 5 years, it is still out there. And given the fact that there is basically no reason to have the program anymore and that it does pose a security risk since there are 2 vulnerabilities that are NOT being patched by Apple, it is critical for any QuickTime for Windows users who still have it installed to get it off of their machines as quickly as possible. After all there is no sense in keeping a useless program on your machine if doing so puts you at risk for being hacked.
What’s the Risk?
The alert came after TrendMicro’s Zero Day Vulnerability team identified two vulnerabilities that affect QuickTime for Windows. They are considered “remote code execution” flaws, meaning that using social engineering tactics, hackers would entice a user to click on a link and then gain remote access to the computer. And since Apple is no longer providing support or update for the software, that means that these vulnerabilities will never be patched by Apple. (To learn more about patching, check out our recent blog post on the topic.) The other reason to uninstall is that now that the vulnerabilities have been publicly disclosed, there is a greater chance that hackers will begin to exploit the flaws.