Security Short Take: Yes, Samsung tweaked Windows Update settings

The move is seen as undermining security on Windows PCs

patch internet explorer
Credit: CSO staff
list making rounded

Samsung has admitted that it's been manipulating Microsoft's Windows Update settings on its PCs, confirming a charge leveled Tuesday by researcher Patrick Barker.

Specifically, Samsung disabled automatic updates for PCs by setting Windows Update to notify users before downloading or installing fixes and patches. That's less restrictive than what Microsoft recommends; it wants Windows users, particularly consumers, to leave the default Windows Update setting -- "Install updates automatically" -- alone as the best way to ensure the OS is up to date. (Other options include telling users when new updates are available for manual download, or advising  them that updates have been downloaded and are ready to install.)

A Samsung spokesperson denied any nefarious intent: "As part of our commitment to consumer satisfaction, we are providing our users with the option to choose if and when they want to update the Windows software on their products." Curiously, Samsung also denied blocking a Windows 8.1 update -- something Barker had not accused it of doing.

Barker, a crash-debugging and reverse-engineering expert who is also a Microsoft MVP (Most Valuable Professional), today detailed his findings about what Samsung has been up to:

  1. Rather than disabling Windows Update outright, Samsung's SW Update changes the service's settings to stop it from automatically downloading and installing Windows updates.
  2. Instead, SW Update silently changes the Windows Update retrieval and installation setting to "Check for updates but let me choose whether to download and install them."
  3. Users who try to change the Windows Update settings back to automatically download and install updates find themselves stymied. "If you attempt to change [the setting made by SW Update], it'll switch right back on a reboot," Barker said.

Samsung's persistent changing of Windows Update was done with an executable tagged Disable_Windowsupdate.exe that's included with SW Update. Samsung, quoted by Barker in an online chat he posted to his blog, said it was necessary to change the Windows Update settings to make sure customers got the correct drivers for their systems.

Owners of Samsung hardware with questions or concerns related to SW Update and the changes it makes to Windows Update can contact the company's customer support by telephone at 1-800-SAMSUNG.

With reports by Gregg Keizer at Computerworld.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
How much is a data breach going to cost you?