A glitch with Apple's QuickTime multimedia program has left some Windows users wondering why they're having trouble updating to the latest version.
QuickTime has an auto-update mechanism, but it appears to not work on Windows 8 and 10, wrote Alton Blom, a Sydney-based security researcher, in a blog post.
Blom wrote that he found inconsistencies in how QuickTime and Apple's Software Update tool interacted with each other depending on the versions of Windows and QuickTime installed.
For example, on Windows 8, QuickTime reported that it was up to date, but Apple's Software Update tool said the application needed to be upgraded to 7.7.8, which is the latest version, Blom wrote.
A thread on Apple's discussion forum shows that users have been noticing issues since August.
Blom found it is possible for people to manually download and then install QuickTime on Windows 8 and 10. But many users may not go through the trouble if they're seeing error messages.
The danger is that a large number of Windows users may not update QuickTime at all, putting them at risk of attackers exploiting security vulnerabilities. The auto-update works fine on Windows 7 and Vista.
Last week, a study was released by the software company Flexera that found 61 percent of Windows users running QuickTime did not have the latest version. Also, 47 percent of iTunes installations were outdated versions.
The study came from data collected during September and October from computers that have a Flexera tool called the Personal Software Inspector, which alerts people to out-of-date software.
Blom contacted Apple's security team by email on Friday. The response said that QuickTime 7.7.8 requires Windows 7 or Vista and didn't address the inconsistent alerts Blom noticed.
Apple officials contacted in Sydney didn't have an immediate comment.
Over the last year, 18 vulnerabilities have been found in QuickTime.
In September, Apple posted an advisory warning of several problems in QuickTime versions prior to 7.7.8 for Windows 7 and Vista after it had patched the issues about a month prior.
One of the flaws could be exploited by crafting a malicious file, which "may lead to an unexpected application termination or arbitrary code execution," Apple said.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.