SecuritySecurity Management

Samsung PCs ‘Deliberately’ Disable Windows Update

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Follow on: Google +

Samsung denies its PCs are blocking patches and updates, exposing customers to cybercrime and malware

Samsung’s PC software updater is deliberately blocking Windows Update from automatically installing patches and other upgraders potentially exposing users to hackers and malware, according to an independent Microsoft engineer.

Microsoft MVP (most valuable professional) Patrick Barker discovered the practice while attempting to help a user whose machine was randomly disabling Windows Update and found a program called ‘Disable_Windowsupdate.exe’ was responsible.

The program is signed off by Samsung as is part of the SW Update software, which updates system drivers and pre-installed software, and even prevents users from manually enabling Windows Update by creating a scheduled task that disables the feature every time a system is rebooted.

Windows Update disable

Samsung certificate © Patrick BarkerBarker asked a Samsung support representative why this was happening and was told that Windows Update might disable drivers for hardware features.

“When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work,” Samsung support reportedly told Barker. “For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.”

Barker’s attempts to uninstall the programme using standard Windows tools and suggests users might have to manually uninstall the file or wait for Samsung to release a specific piece of software, just like Lenovo was forced to do with Superfish. He also recommends users report the program to Microsoft, arguing the software is effectively malware.

This is malware

“Upload/report this as malware to Microsoft/MSRC, etc, because that’s exactly what it is,” he said. “Why would you ever disable WU in such a fashion (or in general), in a way a generic user cannot control, leaving them vulnerable?”

SamsungThis sentiment is echoed by security expert Graham Cluley, who argues it mimics the behaviour of many malicious pieces of software.

“As there are many instances of malware trying to deliberately disable Windows Update in order to get on with their dirty work, I personally wouldn’t feel entirely comfortable if Samsung was going around doing the job for them,” he said. “Presumably Windows Update can mess up Samsung SW Update – which has important jobs like updating the various bits of OEM bloatware which came pre-installed on your Samsung laptop – or cause some Samsung-specific drivers to suffer problems.

“But turning off Windows Update in its entirety, the Microsoft software with the responsibility for keeping your Microsoft operating system and apps like Internet Explorer updated with the latest security patches, seems like a risky move to me.”

Samsung has rejected Barker’s claims, telling TechWeekEurope it provides users a choice of whether or not to enable Windows Update.

“It is not true that we are blocking a Windows 8.1 operating system update on our computers,” said a spokesperson. “As part of our commitment to consumer satisfaction, we are providing our users with the option to choose if and when they want to update the Windows software on their products. We take product security very seriously and we encourage any Samsung customer with product questions or concerns to contact us directly.”

Take our Microsoft quiz here!