Samsung software seems to disable Windows Update

Next story

Reports started surfacing in the past fortnight that Samsung was disabling Windows Update, the program responsible for downloading and installing OS updates, on their machines using SW update.

Windows Update downloads and installs the latest OS updates from Microsoft. That includes essential security hotfixes and patches that keep your OS as secure as possible against new threats.

Whilst helping a user fix a problem Microsoft technical expert Patrick Barker discovered Samsung software running a file called Disable_Windowsupdate.exe.

The file comes as part of SW Update, Samsung’s own update software which keeps programs that come a standard on Samsung manufacturer machines up to date, whilst providing the latest drivers etc.

Mr. Barker is quoted by the BBC as saying that SW Update is “disabling Windows Update from working as the user intends it to.”

 

Why?

 

Although it’s highly unlikely that a huge global company like Samsung actually intended anything malicious, the questions remains: why?

Mark James, ESET security specialist, explains why he thinks it’s happened.

“Samsung have stated it’s to ensure you get the correct “Samsung” drivers for your hardware, but it could also be to ensure all the software that gets preinstalled on your machine at the factory stays on the machine.

“Often these days desktops and laptops come with all manner of additional applications (some called bloatware) installed ready for you to try and hopefully buy, sometimes this can cause your machine to run slowly or interfere with other programs that you may want to install.”

Unfortunately it seems that Windows Update, despite being crucial to the security of the OS, is quite simple to disable.

“Yes it’s relatively easy to disable windows update and we have seen many instances where malware has done this in the past.

 

“Once windows updates have been disabled the chances of vulnerabilities being fixed or patched could be removed from the equation and therefore the expected life span of malware is extended manifold.

 

“Microsoft by default will let you know if updates are switched off but also this is relatively simple to circumnavigate.”

The truly scary thing is that it doesn’t take long at all for your system to be potentially vulnerable: if, for example, there is evidence of a zero-day exploit in Windows which you miss the patch for, every day that passes unpatched increases your risk of infection.

This highlights the perpetual cat and mouse struggle between OS manufacturers, antivirus vendors, as well as other vulnerable software like Flash or Java etc. and the ever changing and evolving face of malware.

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our new ‘In the news’ section.

Do you own a Samsung system? Were you affected?