Zero Day Initiative published yesterday 2 security advisories with details about vulnerabilities in Apple QuickTime for Windows. Nothing unusual about this except Apple discontinued support for QuickTime.
Two vulnerabilities discovered by Steven Seeley from Source Incite and revealed through ZDI bounty program may allow remote attacker execute arbitrary code on the target system.
ZDI-16-241 describes a flaw within moov atom, which leads to heap corruption. To exploit this vulnerability the attacker should trick the victim to open a malicious file.
ZDI-16-242 exists due to an error in atom processing. The attacker can create a specially crafted file with invalid index and cause heap buffer overflow.
Both vulnerabilities allow remote code execution in context of QuickTime player.
So, if you are using QuickTime for Windows, uninstall it ASAP.