Last week, Apple announced that it would no longer issue security updates or conduct software development for QuickTime for Windows, one of the most common video players around.
The announcement came without warning after TrendMicro identified two critical vulnerabilities, considered “remote code executions,” which could allow hackers to remotely log in to a user’s computer simply by getting him or her to click on an infected link or visit an illicit website.
The US-CERT, part of the Department of Homeland Security, issued a public statement urging anyone using QuickTime for Windows to uninstall the application immediately: “Computers running QuickTime for Windows will continue to work after support ends. However, using unsupported software may increase the risks of viruses and other security threats. Potential negative consequences include loss of confidentiality, integrity, or availability of data, as well as damage to system resources or business assets. The only mitigation available is to uninstall QuickTime for Windows.”
Before you mourn the loss of QuickTime for Windows (or panic thinking your computer could be affected), remember that the program was originally designed in the 1990s—it was actually one of the first pieces of Windows-compatible software that Apple ever produced. And since iTunes and most online video players don’t require QuickTime, it’s a legacy product at best.
But QuickTime works with many other applications that could be infected by an immediate uninstall. Adobe advised users that its Creative Cloud product package could be negatively affected by Apple’s decision to cut and run on QuickTime. And although the latest version of the media player got an update in August, five months later Apple killed browser plug-ins for Internet Explorer. Hopes were high that that would lead to a wholesale migration away from the video player, but it didn’t happen. Hence the situation we’re in now.
So What Should You Do to Keep Your Computer Safe from Vulnerabilities Tied to the Now-Unsupported QuickTime for Windows?
1) Start by reading Apple’s instructions for uninstalling QuickTime. Although they’re very tedious and involved, having at least a basic handle on the situation is imperative. Click here to read Apple’s “Uninstall QuickTime 7 for Windows” instructions.
2) If it seems too risky or complex, call a trusted IT advisor. Any good IT provider will quickly walk you through the steps necessary to secure your computer and rid it of any QuickTime-related vulnerabilities. Even better, they can probably figure out a way to enhance your security environment, not just get you caught up to the bare minimum.
3) Antivirus, anti-spyware, and anti-malware software are important. But many hackers change their tactics faster than even the best software can keep up. There’s probably some cybercriminal somewhere trying to figure out how to take advantage of this situation right now. Which is why…
4) …Comprehensive network security can make a difference. CMIT Solutions relies on enhanced security tools that measure Internet traffic looking for malware, botnets, and phishing attempts BEFORE they affect your system. By identifying targeted attacks, blocking threats on local networks and mobile devices, assessing the viability of removing Java and Flash plug-ins, and enforcing acceptable use policies through content filtering, the proactive monitoring or “umbrella” approach can deliver an unprecedented level of security. Of course, no one layer of security provides surefire protection, which is why we also specialize in…
5) …Critical backup and disaster recovery. In a worst-case scenario, the only way to prevent data loss is if your information is backed up by a remote, regular, redundant, and easily retrievable solution. Users who are infected by QuickTime exploits or other ransomware viruses may find that they are required to pay hundreds or even thousands of dollars to retrieve their data.
System vulnerabilities, hacking exploits, and other security compromises continue to come at us from all directions. That’s why CMIT Solutions is dedicated to helping our business clients survive and thrive in today’s complicated IT world by specializing in proactive monitoring, backup and disaster recovery, business continuity, data encryption, email archiving, and a host of other services. No security solution is 100% effective, but the more layers you put between your systems and the cybercriminals looking to infiltrate them, the safer you’ll be. Contact us today so that we can worry about your IT—and you can worry about growing your business.