| QuickTime is in my Top 10 list of third-party software you’ll probably find on almost every Windows machine. |
You should patch it with the same priority as you would for any Microsoft vulnerability — but Apple isn’t making this particularly easy for Windows users.
Urgent — update QuickTime to 220.127.116.11
Apple has issued a patched version of QuickTime, known as version 18.104.22.168. This update was released in response to a vulnerability posted on Jan. 1 by Kevin Finisterre and the guys publishing the Month of Apple Bugs (MoAB). The MoAB guys were focused on breaking Macs, but the Windows version of QuickTime has the same problem.
Apple isn’t making it easy to get all of your computers patched and up-to-date. I disapprove of doing things Apple’s way on my Windows machines. The company’s failure to provide a simple upgrade process for QuickTime on Windows is just leaving more copies of QuickTime vulnerable and making the Web attacks more of a threat.
Patching QuickTime shouldn’t be a big deal, right? You just download the patch file and push it out with your patch/software distribution tool. Also, you grab the corrected installer while you’re there, so you don’t have to first install a vulnerable QuickTime version in order to upgrade to the fixed version.
Not so fast.
Update your way, not