Security researchers warn that attack code targeting an unpatched bug in Apple’s QuickTime has gone public. In-the-wild attacks against systems running Windows XP and Vista are probably not far behind. The bug in QuickTime 7.2 and 7.3 (and perhaps earlier editions as well) is in the players handling of the Real Time Streaming Protocol (RTSP) A successful exploit would let the attacker install additional malware — spyware — or cull the system for information like passwords.”]
Source: https://www.csoonline.com/article/2122204/new-quicktime-bug-opens-xp–vista-to-attack.html