Unsolved
This post is more than 5 years old
3 Apprentice
•
15.3K Posts
0
1708
Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced
The following was copied/pasted from https://www.us-cert.gov/ncas/alerts/TA16-105A
According to Trend Micro, Apple will no longer be providing security updates for QuickTime for Windows, leaving this software vulnerable to exploitation.
[In particular] The Zero Day Initiative has issued advisories for two vulnerabilities found in QuickTime for Windows.
Computers running QuickTime for Windows will continue to work after support ends. However, using unsupported software may increase the risks from viruses and other security threats. Potential negative consequences include loss of confidentiality, integrity, or availability of data, as well as damage to system resources or business assets. The only mitigation available is to uninstall QuickTime for Windows.
========================================
The following was copied/pasted from http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/
(E)veryone should follow Apple’s guidance and uninstall QuickTime for Windows as soon as possible.
This is for two reasons.
First, Apple is deprecating QuickTime for Microsoft Windows. They will no longer be issuing security updates for the product on the Windows Platform and recommend users uninstall it. Note that this does not apply to QuickTime on Mac OSX.
Second, our Zero Day Initiative has just released two advisories ZDI-16-241 and ZDI-16-242 detailing two new, critical vulnerabilities affecting QuickTime for Windows. These advisories are being released in accordance with the Zero Day Initiative’s Disclosure Policy for when a vendor does not issue a security patch for a disclosed vulnerability. And because Apple is no longer providing security updates for QuickTime on Windows, these vulnerabilities are never going to be patched.
RoHe
10 Elder
10 Elder
•
44.3K Posts
0
April 14th, 2016 19:00
So what player is recommended, aside from Windows Media Player?
joe53
5.8K Posts
0
April 14th, 2016 22:00
I've used Windows Media Player (v.12.x) as my default for many years now without any problems (on my Win7). I believe it is the same version for subsequent Windows OSs, through to Win 10. It is easily downloaded from MS:
windows.microsoft.com/.../download-windows-media-player
IIRC, Quick Time used to be required to play media downloaded from the Apple Store, but that requirement was dropped some years back. I've never missed it.
I don't know if WMP is the "safest" player out there, but I can't recall seeing any critical or important patches for it in recent times.
[Edit]: Actually my latest Win 10 laptop defaults to a "Groove Music" media player (also from MS, and formerly was Zune Music, or xbox music) that enables syncing music across various mobile devices. I was able to open audio files with WMP 12 also. I'm not partial to listening to music on portables, but FWIW the audio quality with both players was similar via headphones.
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
April 15th, 2016 04:00
I cross-posted this same information at two other forums. One responder noted:
Sure seems odd I can find nothing on Apple's site saying anything about ending support - and contrary to that TrendMicro blog that everyone seems to be quoting, there is NOTHING in the Apple source documents that says to uninstall QuickTime... I would like to see where TrendMicro go this information because it sure does not appear to be from Apple.
... It looks like to me TrendMicro just made this up! And sadly, US CERT and all sorts of other sites are taking it viral.
If it's all a misunderstanding (dare I say, "hoax") based on the Trend Micro article, then yes, it's certainly gone "viral":
http://www.zdnet.com/article/apple-deprecates-quicktime-for-windows-with-two-security-holes-unpatched-trend-micro/
https://threatpost.com/apple-deprecates-quick-time-for-windows-wont-patch-new-flaws/117427/
http://news.softpedia.com/news/apple-deprecates-quicktime-for-windows-because-fixing-security-bugs-got-boring-502979.shtml
http://www.iusbpreface.com/2016/04/15/apple-deprecates-quicktime-for-windows-with-two-security-160740/
http://tribumagazine.net/2016/04/apple-deprecates-quicktime-for-windows-with-two-security/
http://nysepost.com/apple-deprecates-quicktime-for-windows-because-fixing-181599
https://apple.slashdot.org/story/16/04/15/0326219/apple-deprecating-quicktime-for-windows-micro-trends-urges-users-to-uninstall
Now, I will grant, all these may simply be explained as one site "following the leader", all racing to "jump onto the same bandwagon". If that's the case, and the reports are false, I apologize for posting.
RoHe
10 Elder
10 Elder
•
44.3K Posts
0
April 15th, 2016 10:00
Somebody trying to drive everybody to Windows Media Player because they've got a Zero Day exploit itching to be unleashed on the unsuspecting masses? :emotion-3:
joe53
5.8K Posts
0
April 15th, 2016 19:00
Well!
A lot of FUD here.
To summarize:
1) TM (a reputable security company) issues an alert that it discovered 2 new zero day exploits of QT for Windows 4 months ago, and because Apple reportedly has indicated it will not fix them, now makes them public, and recommends uninstalling QT.
2) US-CERT (part of the Department of Homeland Security) is sufficiently impressed that it issues its own alert. One would hope that they did their homework, and was not merely parroting commercial alerts.
3) Apple remains strangely quiet on this matter, more than 24 hours after it was published.
All I can add to this is that coincidently I updated iTunes today on my Win 7, and for the first time QT was not listed as an optional update after a reboot. I also installed iTunes for the first time on my Win 10 system - once again no option to install QT. It seems that QT for Windows is no longer being pushed.