The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware opening users to cyber attacks.

The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware leaving is customers wide open to cyber attack.

Barker discovered that Samsung disable Windows update after a Windows user complained that the update system was being randomly disabled.

“SW Update is your typical OEM updating software that will update your Samsung drivers, the bloatware that came on your Samsung machine, etc. The only difference between other OEM updating software is, Samsung’s disables WU.” Barker wrote in a blog post.

The expert discovered that the update service was disabled by a software procedure called SWUpdate that Samsung bundles on its computers to handle driver updates for the Samsung hardware.

s5

The SWUpdate code runs the executable called Disable_Windowsupdate.exe.

-<InstCmd>

<InstCmdType>GENERAL_EXECUTION</InstCmdType>

-<InstCmdParam>

<Name>EXCUTION_FILE_NAME</Name>

<Value>64Disable_Windowsupdate.exe</Value>

</InstCmdParam>

</InstCmd>

</PatchSequence>

<FromProductDate/>

When the expert discovered the executable was concerned that it might be a malware, but further analysis revealed that the suspect code is signed by Samsung.

The expert contacted the Samsung technical support for comment and this is the reply:

“When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.”

Windows Update is a critical component for the security of computers running the popular OS, it is necessary to verify that is is enabled to download the security patches.

It’s not the first time that stub of code, or entire applications, pre-installed on PCs expose users to the risk of attack.

Why Samsung was disabling Windows Update? No doubts that by disabling Windows Update the popular OS will not receive any security fix with serious consequences.

Stay tuned!

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2021

We are in our 9th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.

APPLY NOW