Apple kills QuickTime for Windows, two vulnerabilities announced

On Thursday, Trend Micro announced that Apple would no longer provide security updates to QuickTime on the Windows platform.

This status update via Apple comes on the same day that ZDI disclosed two vulnerabilities in the multimedia tool, which if exploited could lead to remote code execution. The vulnerabilities are heap corruption flaws that require users to visit a malicious webpage, making them perfect for drive-by-downloads or Phishing.

"We’re not aware of any active attacks against these vulnerabilities currently. But the only way to protect your Windows systems from potential attacks against these or other vulnerabilities in Apple QuickTime now is to uninstall it," Trend Micro's Christopher Budd wrote on the company blog.

"In this regard, QuickTime for Windows now joins Microsoft Windows XP and Oracle Java 6 as software that is no longer being updated to fix vulnerabilities and subject to ever increasing risk as more and more unpatched vulnerabilities are found affecting it."

Copyright © 2016 IDG Communications, Inc.

The 10 most powerful cybersecurity companies