Users urged to uninstall QuickTime for Windows after Apple ends support

Windows users are being urged to uninstall Apple's QuickTime media player immediately after the technology giant said it would no longer support the platform, despite two active vulnerabilities.

Security vendor Trend Micro today said it had discovered two dangerous flaws in the software, and after alerting Apple, was told the company was deprecating support for QuickTime for Windows.

"We’re not aware of any active attacks against these vulnerabilities currently," the Trend Micro researchers wrote.

"But the only way to protect your Windows systems from potential attacks against these or other vulnerabilities in Apple QuickTime now is to uninstall it."

The firm released two advisories - ZDI-16-241 and ZDI-16-242 - detailing the two new and critical heap corruption remote code execution vulnerabilities.

Both vulnerabilities allow an attacker to write data outside of an allocated heap buffer, Trend Micro wrote.

Users need only to visit a malicious web page or open a malicious file to exploit the holes.

The security researchers warned that QuickTime for Windows would be subject to increasing risk as more and more unpatched vulnerabilities are found, arguing the best course of action was to uninstall the program.

Apple's decision to stop supporting QuickTime for Windows does not extend to Quicktime on its own Mac computers.