Industry News

Samsung says it will update updater that disabled Windows Update

Talk about a right royal mess.

Last week, it was discovered that software pre-installed on Samsung computers had the undesirable (but surprisingly deliberate) side effect of disabling Windows Update, Microsoft’s way of automatically keeping your Windows computer secured with the latest patches including security updates.

As a consequence, the onus was put on Samsung computer owners to update their devices manually with security updates… and we all know how well that works. :(

The technology press found out about Samsung’s crippling of Windows Update, which meant users had to manually download install Microsoft updates, after the issue was uncovered on the Sysnative forum and blogged about by forum staffer Patrick Barker.

samsung-600

Many observers were quick to comment that it’s much more common for malware to disable Windows Update than pre-installed software by a South Korean PC manufacturer.

Now, Samsung says it will issue a fix to its SW Update software, allowing Windows Update to run normally.

Samsung, who presumably were on the receiving end of a stern phone call from its business partner Microsoft and concerned that they didn’t want the incident to blow up into Lenovo Superfish-style proportions, announced the turnaround in a statement offered to the press:

“Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days. Samsung remains committed to providing a trustworthy user experience and we encourage customers with product questions or concerns to contact us directly at 1-800-SAMSUNG.”

That’s not quite an apology, but at least it sounds as if they have seen the error of their ways and will be resolving the issue real soon now. Quite why they ever thought disabling Windows Update was a good idea is a mystery to me.

And what makes it worse is that Samsung clearly did what it did deliberately – this wasn’t the case of a software engineer messing up. The offending software, downloaded by Samsung’s SW Update program, was called Disable_Windowsupdate.exe for goodness sake. And if the poor user attempted to re-enable Windows Update downloads, they would simply be disabled again and again.

samsung-wu

Source: bsodanalysis.blogspot.com

With Samsung’s patch Windows Update’s settings should be reverted to “recommended” and automatic updates for the operating system should start arriving again.

There is some irony, of course, that Samsung is pushing out an update to the software updater that broke Windows Update. I bet they’re pleased that no-one else turned off their updater, eh?

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

3 Comments

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • “Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days. Samsung remains committed to providing a trustworthy user experience and we encourage customers with product questions or concerns to contact us directly at 1-800-SAMSUNG.”

    Translation:
    We use Microsoft Windows because it offers us the largest customer base. Therefore, we are fixing our blunder by updating our software updater that removed the Windows updater. We will always do what allows for the highest profit. Should you have any concerns or questions with our products, please call us directly at 1-800-SAMSUNG so that we can convince you of these facts. Keep in mind that we pay for the 800 so that our US customers (‘our only customers’) can call us free of charge.

    And now.. a question: will the updated updater also remove Windows updater one last time ?

  • An executable doesn’t need to be over two megabytes in length to merely disable Windows Update.
    A quick look with a hex editor reveals apparent changes to Windows Policy aimed at removing traces of…something.

    This package needs to be examined closely.