Warning to Windows users with QuickTime installed on their computers–uninstall it, now.
Clients on our managed IT services agreements currently have this addressed. Questions? Call us immediately.
According to a statement issued by the U.S. Department of Homeland Security Computer Emergency Readiness Team: “Computers using unsupported QuickTime software may increase risks from viruses and other security threats. Potential negative consequences include loss of confidentiality, integrity, or availability of data, as well as damage to system resources or business assets. The only mitigation available is to uninstall QuickTime for Windows”.
Released over 20 years ago, QuickTime is Apple software used to play audio, image and video files. Apple suddenly stopped providing security patches a few weeks ago due to Zero Day Initiative advisories issued by Trend Micro, an Internet security company that originally discovered two critical QuickTime vulnerabilities–ZDI-16-242 and ZDI-16-241.
Trend Micro told Apple about the security holes in QuickTime, but Apple neglected to patch these vulnerabilities even though they provided an update to QuickTime in January 2016. When Trend Micro asked Apple why they didn’t fully secure QuickTime, Apple simply stopped updating the software and has since abandoned it to the wilds. Consumers should also be aware that Oracle Java 6 and Microsoft Windows XP are no longer receiving security upgrades and are subject to remote attack from hackers.
Explanation of QuickTime’s Security Holes
ZDI-16-242 and ZDI-16-241 allow hackers to execute arbitrary code in QuickTime software. Exploitation requires user interaction: the user must open a malicious file or visit a malicious page. Since the flaw was found in QuickTime’s moov atom, attackers need to specify invalid values for specific fields in the moov atom. Those invalid values cause data to be written outside an allocated heap buffer, and attackers can leverage that out-of-bounds write to execute arbitrary code within the QuickTime player.
Windows users keeping QuickTime installed on their computers could potentially suffer negative consequences, such as loss of data availability, loss of confidentiality and extensive damage to business assets and system resources. Attackers taking advantage of QuickTime’s security holes are typically identity thieves or hackers searching for bank account numbers, passwords and data that allows them access to funds.
This warning does not apply to Mac users, since Apple continues to provide security updates for QuickTime Player 10 installed on Mac computers.
Although QuickTime will continue to operate normally, it is strongly recommended users uninstall QuickTime if they are using Windows. Instructions for uninstalling Apple QuickTime for Windows can be found here: https://support.apple.com/HT205771
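To confirm whether a given Windows machine still has QuickTime installed before (or after) following the uninstall instructions, the standard Uninstall registry keys can be queried. The PowerShell below is an added example, not part of the US-CERT or Apple guidance; the function name Get-QuickTimeInstall and the 'QuickTime*' display-name pattern are assumptions made for illustration.

```powershell
# Added example: inventory check for Apple QuickTime on a Windows machine.
# It only reads the registry; it does not uninstall anything.
function Get-QuickTimeInstall {
    [CmdletBinding()]
    param(
        # Assumption: the product registers a DisplayName beginning with "QuickTime".
        [string]$NamePattern = 'QuickTime*'
    )

    # Standard per-machine Uninstall keys: native view and 32-bit (WOW6432Node) view.
    # QuickTime for Windows is a 32-bit application, so on 64-bit Windows it is
    # expected under WOW6432Node; both are checked to cover 32-bit Windows too.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    foreach ($key in $uninstallKeys) {
        Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
            Where-Object {
                # Many Uninstall subkeys have no DisplayName value; skip those.
                $_.PSObject.Properties['DisplayName'] -and
                $_.DisplayName -like $NamePattern
            } |
            ForEach-Object {
                [pscustomobject]@{
                    ComputerName    = $env:COMPUTERNAME
                    DisplayName     = $_.DisplayName
                    DisplayVersion  = $_.DisplayVersion
                    Publisher       = $_.Publisher
                    UninstallString = $_.UninstallString
                    RegistryKey     = $_.PSPath
                }
            }
    }
}

$found = @(Get-QuickTimeInstall)
if ($found.Count -eq 0) {
    Write-Output "QuickTime not found in the Uninstall registry keys on $env:COMPUTERNAME."
} else {
    $found | Format-List
    Write-Warning "QuickTime for Windows is installed on $env:COMPUTERNAME and should be uninstalled."
}
```

Running the same check again after the uninstall confirms that the registration is gone.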
Problems for Creative Cloud Users
Adobe recently issued a statement warning that Creative Cloud users may experience disruption of their service due to “several codecs remaining dependent on QuickTime installed on Windows”. According to Adobe representatives, they are currently working to correct this problem but have yet to develop initiatives capable of overruling QuickTime vulnerabilities.