Windows Users Warned to Dump QuickTime Pronto by David Jones.
The U.S. Department of Homeland Security on Thursday issued a warning to remove Apple’s QuickTime for Windows. The alert came in response to Trend Micro‘s report of two security flaws in the software, which will never be patched because Apple has ended support for QuickTime for Windows.
Computers running QuickTime are open to increased risk of malicious attack or data loss, US-CERT warned, and remote attackers could take control of a victim’s computer system. US-CERT is part of DHS’ National Cybersecurity and Communications Integration Center.
“We alerted DHS because we felt the situation was broad enough that people having unpatched vulnerabilities on their system needed to be made aware,” said Christopher Budd, global threat communication manager at Trend Micro.
…
The a few days later, Adobe clouds that warning as reported in: Don’t be too quick to uninstall QuickTime for Windows warns Adobe by Graham Cluley.
Adobe issued this notice, pointing out that removing QuickTime for Windows may bite you if you are a Creative Cloud user.
Along with no date from removing QuickTime dependencies.
BTW, Apple has announced that the vulnerabilities that lead to these conflicting announcements, will not be fixed.
In terms of impact, I did find these statistics on website usage of QuickTime but wasn’t able to locate statistics on user installations of QuickTime on Windows boxes.
My guess is that QuickTime on Windows machines at government installations resembles a rash. Diaper rash that is.
This is story to keep in mind when planning dependencies on software or data that is not under your control.
PS: I would uninstall it but then I don’t run Flash either. No one is completely safe but sleeping outside, naked, is just inviting trouble. That’s the analog equivalent of running either QuickTime or Flash.