Windows users should uninstall Quicktime immediately, Trend Micro warns

Do you by chance have Quicktime installed on your PC? If so, Trend Micro strongly recommends that you ditch it as soon as possible. The site recently discovered two “critical vulnerabilities,” listed here and here, that enable “remote attackers to execute arbitrary code on vulnerable installations” of Quicktime for Windows. But the really worrying bit is that Apple has stopped issuing security updates for the software, and that means those flaws will never be fixed.

“We’re not aware of any active attacks against these vulnerabilities currently,” Trend Micro wrote. “But the only way to protect your Windows systems from potential attacks against these or other vulnerabilities in Apple QuickTime now is to uninstall it.”

Uninstalling Quicktime is a fairly straightforward process, but Apple has full instructions here if you want to make sure you've got it all. And if you absolutely, positively must have it on your system for some reason, there is one bright spot: The exploit requires “user interaction” to do its thing, like running a program or visiting a malicious web page, so your PC can't simply be detonated from remote. (The downside, obviously, is that if you do get hammered through this vulnerability, you'll have nobody to blame but yourself.)

If you're interested in a replacement player for watching old Quicktime videos you've got lying around now and then, I'd recommend the VLC player. It's not perfect, so it may take a little extra effort to make the magic happen, but it works well and handles most major audio and video formats without any trouble.

We recommend