The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware opening users to cyber attacks.

The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware leaving is customers wide open to cyber attack.

Barker discovered that Samsung disable Windows update after a Windows user complained that the update system was being randomly disabled.

“SW Update is your typical OEM updating software that will update your Samsung drivers, the bloatware that came on your Samsung machine, etc. The only difference between other OEM updating software is, Samsung’s disables WU.” Barker wrote in a blog post.

The expert discovered that the update service was disabled by a software procedure called SWUpdate that Samsung bundles on its computers to handle driver updates for the Samsung hardware.

s5

The SWUpdate code runs the executable called Disable_Windowsupdate.exe.

-<InstCmd>

<InstCmdType>GENERAL_EXECUTION</InstCmdType>

-<InstCmdParam>

<Name>EXCUTION_FILE_NAME</Name>

<Value>64Disable_Windowsupdate.exe</Value>

</InstCmdParam>

</InstCmd>

</PatchSequence>

<FromProductDate/>

When the expert discovered the executable was concerned that it might be a malware, but further analysis revealed that the suspect code is signed by Samsung.

The expert contacted the Samsung technical support for comment and this is the reply:

“When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.”

Windows Update is a critical component for the security of computers running the popular OS, it is necessary to verify that is is enabled to download the security patches.

It’s not the first time that stub of code, or entire applications, pre-installed on PCs expose users to the risk of attack.

Why Samsung was disabling Windows Update? No doubts that by disabling Windows Update the popular OS will not receive any security fix with serious consequences.

Stay tuned!

Pierluigi Paganini

Global InfoSec Awards 2021

We are in our 9th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.

APPLY NOW