Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Apple to no longer support Quicktime for Windows


  • Please log in to reply
19 replies to this topic

#1 JohnC_21

JohnC_21

  • Members
  • 24,448 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 PM

Posted 14 April 2016 - 04:55 PM

RIP QuickTime for Windows. Apple is "deprecating support" for the application, and will no longer patch security flaws in the software.

The iGiant is also quietly advising users to uninstall the media player from their Windows machines to avoid being hacked.

Word of the end of support comes from infosec biz Trend Micro. It discovered two critical flaws in the Windows build of QuickTime and reported them to Apple. In response, Trend told The Register, the iPhone maker said it won't fix the bugs, and is cutting the application loose.

Both of the vulnerabilities – ZDI-16-241 and ZDI-16-242 – are heap-corruption-based remote code execution vulnerabilities.

 

Article



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:03 PM

Posted 14 April 2016 - 05:02 PM

It was about time. I wonder who still uses QuickTime when there's better alternatives to it anyway.

Edit: Just realized the pun I made.

Edited by Aura, 14 April 2016 - 05:02 PM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Smsec

Smsec

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 PM

Posted 14 April 2016 - 10:46 PM

Now if we could just get Adobe to kill Flash player plugin the web would be a safe place.



#4 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 15 April 2016 - 04:28 AM

Flash is still used though major sites have switched to HTML. Apple only used Quicktime to rope users into watching exclusive movie trailers. When the trailers were no longer exclusive to Apple, Quicktime was rendered useless.



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:03 PM

Posted 15 April 2016 - 05:04 AM

Now if we could just get Adobe to kill Flash player plugin the web would be a safe place.


They already said that they would do it. Most likely this year.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:03 PM

Posted 15 April 2016 - 06:17 AM

Urgent Call to Action: Uninstall QuickTime for Windows Today
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Beings

Beings

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gold Coast, Australia
  • Local time:08:03 AM

Posted 16 April 2016 - 03:00 AM

It was about time. I wonder who still uses QuickTime when there's better alternatives to it anyway.

Edit: Just realized the pun I made.

 

It sucks because Sony Vegas uses Quicktime for the videos codec. That is the only time I use Quicktime and now Apple is not supporting it anymore.



#8 tlsk

tlsk

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 18 April 2016 - 11:32 AM

I'm guessing that alternatives to QuickTime such as VLC would not be vulnerable to the same exploits or am I mistaken on that?  Do they have their own vulnerabilities that I need to watch for?  We have training CDs that use QuickTime so I need to find a work around until (if) we ever develop new training CDs.



#9 Smsec

Smsec

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 PM

Posted 18 April 2016 - 11:41 AM

Any software can have vulnerabilities. They are common in all software. That's why its important to keep everything up to date.

 

VLC vulnerability example: http://www.zdnet.com/article/vlc-vulnerabilities-exposed/


Edited by Smsec, 18 April 2016 - 03:32 PM.


#10 tlsk

tlsk

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 18 April 2016 - 12:11 PM

Thanks, smsec.  I appreciate it



#11 Al1000

Al1000

  • Global Moderator
  • 7,979 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:03 PM

Posted 18 April 2016 - 03:30 PM

Any software can have vulnerabilities. They are common in all software. That's why its important to keep everything up to date.
 
VLC vulnerability example: http://www.zdnet.com/article/vlc-vulnerabilities-exposed/ 


This link has a space after the url, and doesn't work when I click on it.

Here is the url without the space in case it doesn't work for anyone else:

http://www.zdnet.com/article/vlc-vulnerabilities-exposed/

#12 Smsec

Smsec

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 PM

Posted 18 April 2016 - 03:34 PM

I've edited the link in #9 and removed the space. Should work now

 

Thanks

 

Any software can have vulnerabilities. They are common in all software. That's why its important to keep everything up to date.
 
VLC vulnerability example: http://www.zdnet.com/article/vlc-vulnerabilities-exposed/ 


This link has a space after the url, and doesn't work when I click on it.

Here is the url without the space in case it doesn't work for anyone else:

http://www.zdnet.com/article/vlc-vulnerabilities-exposed/

 



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:03 PM

Posted 18 April 2016 - 04:44 PM

Older versions of a lot of popular software such as Adobe (Acrobat Reader, Flash Player, Shockwave Player), Java, Windows Media Player, VLC Player, Web Browsers are vulnerable to exploits and should be kept updated. There are serious security issues with older versions which can increase the risk of system infection. Infections spread by malware writers and attackers exploiting unpatched security holes or vulnerabilities in older versions. Software applications are a favored target of malware writers who continue to exploit coding and design vulnerabilities with increasing aggressiveness.

Exploit kits are a type of malicious toolkit used to exploit security holes found in software applications...for the purpose of spreading malware. These kits come with pre-written exploit code and target users running insecure or outdated software applications on their computers.

Tools of the Trade: Exploit Kits

The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever.

Web ExploitsRelated Resources:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 3,222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:06:03 PM

Posted 18 April 2016 - 09:16 PM

Good riddance to such a piece of crap software

You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

xu847p-6.png


#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:03 PM

Posted 19 April 2016 - 06:21 AM

Just because a software programs is prone to exploits does not mean it is crap. QuickTime served a purpose at one time but now there are better alternatives and they are even prone to exploits.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users