QuickTime video player has been found to carry two bugs, which has prompted a warning by the United States government to uninstall the application. The QuickTime bugs were discovered by Trend Micro and since Apple is not longer updating the application, uninstalling it is the only solution.
QuickTime player by Apple was recently analyzed by antivirus and software company Trend Micro Inc. who discovered that the video player had two new bugs, Reuters reported. The antivirus maker reported that the bugs were of critical nature and could open doors to malicious attacks on Windows running PCs.
The two QuickTime player vulnerabilities were more significant when Windows PC user visited a web page containing malicious programs or when a tainted file is opened. It is worth mentioning here that the bugs were only apparent on Windows platform, while computers operating on Macintosh were did not show this susceptibility.
The news site reported that Trend Micro has only issued the warning for Windows users who are using QuickTime player. As to Apple's take on the story, the iPhone maker decline to speak about the QuickTime bug. This does make the question more intriguing that why were the vulnerabilities only affecting the Windows operating system, while Mac systems were completely bulletproof.
Apple is under the process of phasing out QuickTime player, so there are going to be no updates nor bug fixes for the video player and uninstalling the program is the only solution for now. Homeland Security's CERT, who monitors such vulnerabilities, stated that the bug put users at heightened risk from viruses nd other security infringements that can stem up from the internet.
Getting into more technical details of the bugs, both vulnerabilities exploit heap overflows which can take place when a Windows user navigates an unsafe website crawling with malware. The object of such programs is to hack sensitive data from a targeted computer that is channeled back to the source once a computer has been fully infected, Apple Insider reported.
"The only mitigation available is to uninstall QuickTime for Windows," the alert issue by the US security department said. Christopher Budd, who is global threat communications manager at Trend Micro said that the company has not yet discovered any "active attacks" that the QuickTime player bugs could possibly invite. He also recommended that uninstalling the application is the available solution to any a possisble security breach.
The following YouTube video by CNET talks more on the story.