iTunes and Quicktime
Sep 3rd, 2009 by Ryan Meyer
So I’m working on a script to silently install iTunes for a client. And I’ve decided I hate Apple (their Windows software, at least) more than Adobe.
- iTunes 8 setup re-enables AutoRun. Just in case, you know, you disabled it for security purposes or something. Without asking or any disclosure.
- Apple Software Update prompts to install Safari (increased attack surface). Sometimes it installs Safari without prompting at all.
- iTunes installs an unnecessary autodiscovery service (increased attack surface) called Bonjour. Without asking or disclosure.
The “without asking” trend doesn’t end there. There is nothing at all in their KB or on their websites about any of this. They actively delete related questions on their forum.
Ultimately, since they refuse to release MSI files, I extracted the MSIs and attempted to write a silent installation script that disabled some of these blatant security threats. Alas, they’ve discontinued the switches previously available. To do something as simple as remove the desktop icons, you’re required to use a tool such as Orca to manually edit the MSI. To stop iTunes/Quicktime from grabbing all the default media player positions, you’ll have to dig deeper. AutoRun is even deeper. After you’ve done all of this – in both iTunes.msi and Quicktime.msi – you can install them (iTunes requires Quicktime) silently.
But since Apple Software Update is untrusted, and can’t be scripted, you have to do this manually for every update!
Here is a kaseya script that removes all the itunes crap. It could be run after the update.
Script Name: Apple Crapple
Script Description: Apple Crapple
Removes itunes updater and Quicktime Task from startup and removes quicktime icon from desktop. Kills bonjour service
IF True
THEN
Delete File – (Continue on Fail)
Parameter 1 : %SYSTEMROOT%\TASKS\AppleSoftwareUpdate.job
OS Type : 0
Execute Shell Command – (Continue on Fail)
Parameter 1 : “C:\Program Files\Bonjour\mDNSResponder.exe” -remove
Parameter 2 : 0
OS Type : 0
Delete Registry Value – (Continue on Fail)
Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iTunesHelper
OS Type : 0
Delete Registry Value – (Continue on Fail)
Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Quicktime Task
OS Type : 0
Execute Shell Command – (Continue on Fail)
Parameter 1 : ERASE “%ALLUSERSPROFILE%\Desktop\QuickTime Player.lnk”
Parameter 2 : 0
OS Type : 0
Execute Shell Command – (Continue on Fail)
Parameter 1 : ERASE “%ALLUSERSPROFILE%\Start Menu\Programs\Apple Software Update.lnk”
Parameter 2 : 0
OS Type : 0
Write Script Log Entry
Parameter 1 : Apple Software Update Disabled
OS Type : 0
ELSE
Write Script Log Entry
Parameter 1 : Apple Software Update Not Scheduled
OS Type : 0