If you run ANY version of Microsoft Windows, and have Apple QuickTime installed, you need to uninstall it immediately.
The US-CERT or United States Computer Emergency Readiness Team, recommends the removal of QuickTime for Windows. Also, Apple announced that they are no longer going to support the product in any way, including issuing major or minor security updates.
On the heels of this announcement, the Zero Day Initiative released a pair of advisories, outlining two new critical vulnerabilities that put QuickTime for Windows at risk.
There have been no reports of either of the new security vulnerabilities being used by the hacking community as of yet. However, now that Apple is on record no longer supporting the platform, it's just a matter of time before someone takes advantage of this critical flaw in the Apple code. When that happens, you don't want it to be your business that takes the hit.
QuickTime for Windows is part of a growing list of widely used software that's no longer receiving support, including Microsoft's very old, yet very much still used, Windows XP operating system, and also Java 6, by Oracle. You should make it a priority to remove any of these programs from all computers on your network in order to minimize your risks.
In its advisory, the US-CERT states: "Computers running QuickTime for Windows will continue to work after support ends. However, using unsupported software may increase the risks from viruses and other security threats. Potential negative consequences include loss of confidentiality, integrity, or availability of data, as well as damage to system resources or business assets. The only mitigation available is to uninstall QuickTime for Windows."
If you need assistance with this, or other matters relating to security, contact us today, and a member of our technical team will be happy to assess your current situation, and help put your business in a better route for security compliance.
Please note - If your company has a Managed IT services agreement in place with Reality Bytes, we have already mobilized a plan for the removal of this product from all your supported systems.