• Skip to primary navigation
  • Skip to main content
site logo
  • About
    • Approach
    • Partnerships
    • Mission
    • Leadership
    • Awards
    • Arraya Cares
  • Solutions
    • Solutions

    • Hybrid Infrastructure
      • Hyperconverged
      • Infrastructure as a Service
      • Servers, Storage, and Virtualization
      • Data Protection
      • Disaster Recovery & Business Continuity
    • Apps & Data
      • AI
      • Automation
      • Customizations
      • Visualizations & Integrations
      • Migrations
    • Network
      • Enterprise Networks
      • Wireless Connectivity
      • Cloud Networking Solutions
      • IoT
    • Cybersecurity
      • Endpoint Security
      • Network Security
      • Cloud Security
      • Application Security
    • Modern Workplace
      • Microsoft Licensing
      • Productivity & Collaboration
      • Modern Endpoint Deployment & Management
      • Microsoft Compliance & Risk
      • Backup
      • Cloud
  • Services
    • Services

    • Managed Services
      • Service Desk
      • Outsourced IT
      • Managed Security
      • Managed NOC
      • Arraya Adaptive Management for Microsoft Technologies
      • ADEPT: Arraya's White Label Program
    • Advisory Services
      • Assessments
      • Strategy
      • vCTO
      • vCISO
      • Enterprise Architecture
    • Staffing
      • Infrastructure Engineering
      • Security & Compliance
      • Application & Software
    • Professional Services
      • Project Management 
      • Systems Integration 
      • Mergers & Acquisitions
      • Knowledge & Skills Transfer 
  • Industries
    • Education
    • Finance
    • Healthcare
    • Legal
    • Manufacturing
    • Software and Services
  • Insights
    • News
    • Blog
    • Events
    • Videos
    • Case studies
  • Careers
  • CSP Login
search icon
Contact Us

How to Eliminate QuickTime Threats Using Microsoft SCCM

Earlier this week, TrendMicro posted a blog informing the public of two major vulnerabilities it found within Apple QuickTime software. Apple is no longer issuing security updates for QuickTime so the only way to be completely safe is to uninstall it from your machine. For organizations with hundreds or thousands of workstations, this could be a nightmare to deal with and an easy entry point for hackers.

The question is, what can IT do about it?

Microsoft’s System Center Configuration Manager (SCCM) can help organizations protect themselves from this threat by identifying all assets with QuickTime installed and then subsequently removing the software. There are a number of ways you could accomplish this with SCCM. Here is an example of one way you might go about it.

The first step is to identify the attack footprint for your organization by identifying the computers that have QuickTime installed. SCCM has simple, built-in reporting around the information it gathers from the computers in the organization. The report you are looking for is under Software – Companies and Products – Computers with a specific product name and version.

In the Product Name field, just type QuickTime and select the Product version. In Arraya’s demo environment, we didn’t have any computers with QuickTime except one (see below). This report gives you a good idea of the challenge ahead of you and the potential impact.

Jason pic 1

 

The second step is to start removing the software and provide protection against computers that may have it installed in the future. This kind of automation can be done by using what is known as Configuration Baselines. These will automatically populate a target list for the uninstall command.

In order to remove the software, we have to find it first. There are a number of ways this can be accomplished, including looking for related files and folders. In this example, we will detect the uninstall registry key for the software. This is a very strong method to detect any software that is listed in Add/Remove Programs. Start by opening up the SCCM console and creating a new Configuration Item called “Detect QuickTime.”

Jason pic 2

Instruct this configuration item to consider any computers with this key to be Non-Compliant. This can be deployed to all systems or all workstations in the environment. It will instruct each machine to check for the existence of this particular registry key. When detected, the machine will report back to SCCM that it is not compliant. From here, we can build a group of computers known as a Collection. This can be built automatically based on the computers reporting Non-Compliance.

Jason pic 3

The populated Collection of computers is where you deploy the uninstall command. In this case, we use a simple package to deliver the command. The command to uninstall QuickTime is:

MsiExec.exe /x {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} /passive

jason pic 4

Back over to our test computer that has QuickTime, you can look at the status of the Baseline we just created. You can see that this computer is now considered Non-Compliant.

Jason pic 35png

This computer will be a member of the Collection we created and receive the uninstall command. Once that is done, the next time the machine evaluates its compliance, it will see that it is now Complaint and will automatically remove it from that Collection. As time goes on, you will see the number of Non-Compliant computers diminish in the Collection. If anyone in your organization installs QuickTime in the future without your permission, you can rest easy knowing it will be uninstalled as soon as that computer evaluates itself.

This methodology can be used to remove any unwanted or risky software from your network. If you are interested in learning more about what SCCM can do, contact Arraya and schedule a demo today!

Arraya Insights
Back to Top
Arraya Solutions logo

We combine technological expertise and personal service to educate and empower our customers to solve their individual IT challenges.

518 Township Line Road
Suite 250, Blue Bell, PA 19422

p: (866) 229-6234     f: (610) 684-8655
e: info@arrayasolutions.com

  • Careers
  • Privacy Policy
  • Contact Us

© 2025 Arraya Solutions. All rights reserved.

Facebook Twitter YouTube LinkedIn
Manage Cookie Consent
We use cookies to enhance your experience. By selecting “Accept,” you agree to our cookie policy.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}