Quicktime vulnerability patch problem for Windows users

On January 1, 2007, Apple Inc. received a documented report about a highly critical vulnerability in it's QuickTime Player software. Since QuickTime is a component of Apple iTunes, iTunes installations are also affected by this vulnerability. There is publicly available proof-of-concept code that exploits this vulnerability. More information about the vulnerability can be found here.

On January 23, 2007 Apple Inc. issued a patched update to it's QuickTime Player, here, on the Apple website. However, that downloadable update is only for Mac operating systems. Windows users are instructed to use the Apple Software Update Tool to download the appropriate patched version for Windows, which was supposed to have been installed when they installed QuickTime, or iTunes onto their computers. Unfortunately, this is a selectable option that may not have been selected by all users.

The instructions for Windows users who did not choose to install that software update tool is to uninstall QuickTime and download the latest version, then run the update tool to see if they have obtained the latest version. If the version you downloaded is vulnerable you would be at tremendous risk by using it online, so download it, then immediately check for updates. Another thing to know is that the software updater itself had to be updated in January, 2007, so if you already had it installed you had better check to see if it needs to be updated, before trying to download the patched version of QuickTime. If that sounds confusing, remember that Apple computers and products are touted as being simpler to use than PC's and their software.

Another thing, if you obtained the QuickTime Player with iTunes software, you may need to update it as well.

Regarding iTunes software, there are some serious compatibility issues between iTunes and the new Windows Vista operating system. One problem has to do with permissions granted to the product to run on a Vista equipped PC. Apple has released this information and a patch to address that particular problem. The following issues remain unfixed at this time, but both Apple and Microsoft are working hard to resolve them as soon as feasible.

Some currently known compatibility issues with iTunes 7.0.2 and earlier versions include:

iTunes Store purchases may not play when upgrading to Windows Vista from Windows 2000 or XP.

iPod models with the "Enable Disk Use" option turned off may be unable to update or restore iPod software, and make changes to iPod settings.

iPod models configured to Auto Sync and have the "Enable Disk Use" option turned off may require being ejected and reconnected to resync.

Ejecting an iPod from the Windows System Tray using the "Safely Remove Hardware" feature may corrupt your iPod. To always safely eject an iPod, choose Eject iPod from the Controls menu within iTunes.