Two serious security flaws have been discovered in Apple QuickTime for Windows. These holes would allow a remote attacker the ability to take over computers with QuickTime for Windows installed.
Recommended Actions:
Apple has decided to discontinue support for QuickTime on Windows. We recommend removing QuickTime from Windows computers. Please note that QuickTime for Mac OS is not affected.
– QuickTime will need to be manually uninstalled. If users have administrative access, they can easily do this through Control Panel. Further instructions can be found here: http://support.apple.com/en-ca/HT205771
– If you do not have admin access to perform this uninstallation, please contact your IT administrator
– Adobe Creative Cloud Users: Removing QuickTime can affect Creative Cloud functionality. Details on this impact can be found here:
– http://blogs.adobe.com/creativecloud/quicktime-on-windows/
– https://helpx.adobe.com/x-productkb/multi/quicktime-uninstallation-impact.html
More Information:
https://www.us-cert.gov/ncas/alerts/TA16-105A
http://www.eweek.com/security/pair-of-zero-day-flaws-put-apples-quicktime-for-windows-at-risk.html
http://zerodayinitiative.com/advisories/ZDI-16-241/
http://zerodayinitiative.com/advisories/ZDI-16-242/