Samsung has disabled Windows Update on some of its laptops, it has been claimed, potentially leaving them open to malware and data leakage.
The issue, which IT Pro has not currently been able to independently verify, was discovered by Patrick Barker, a Microsoft support engineer.
In a blog post, Barker states that a user "was being assisted with a WU (Windows Update) issue, which was going well, aside from the fact that [his] WU kept getting disabled randomly".
"It was figured out eventually after using auditpol.exe and registry security auditing that the program that was responsible for disabling WU was Disable_Windowsupdate.exe, which is part of Samsung's SW Update software," Barker said.
While there has not yet been any official word from Samsung as to why SW Update disabled Windows Update, a customer service representative told Barker in a web chat: "When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates."
As security researcher Graham Cluley notes, this is a tactic often used by malware to prevent patches and security updates being applied. And, while the motivation is different, the outcome in terms of making the user's computer unsecure - indeed, Barker has urged his readers to report Disable_Windowsupdate.exe as Malware to Microsoft "because that's exactly what it is".
"Why would you ever disable WU in such a fashion (or in general), in a way a generic user cannot control, leaving them vulnerable?" Barker said.
In a statement, Microsoft said: "Windows Update remains a critical component of our security commitment to our customers. We do not recommend disabling or modifying Windows Update in any way as this could expose a customer to increased security risks.
"We are in contact with Samsung to address this issue."
- Update: Samsung has denied Barker's claims, at least in part - read the full story here.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
100 million Samsung Galaxy devices vulnerable to cryptographic key hackNews Widespread flaws in hardware-backed key management could enable hackers to bypass FIDO2 authentication
-
Researcher awarded $50,000 for discovering Samsung Galaxy S21 hackNews UK researcher Sam Thomas won the Pwn2Own bounty using a "unique three-bug chain"
-
Samsung to support enterprise devices with five years of Android updatesNews Samsung Galaxy S20, S21 and Note 20 series phones are among the devices set to benefit from extended support
-
Samsung to roll out security patch for keyboard vulnerabilityNews Bug exposing Galaxy smartphones to hackers will be squashed within coming days
-
Samsung denies Smart TV could eavesdrop on users' conversationsNews South Korean firm plays down reports of digital snooping, after privacy policy prompts alarm bells
-
Research team highlights Android NFC security holesNews Two zero day vulnerabilities let security boffins hack Samsung Galaxy S3 phone using NFC.
-
Dell confirms malware on motherboardsNews Dell has shipped a small number of replacement motherboards containing a piece of malware.
-
Samsung Wave smartphones shipped with malwareNews Samsung has admitted shipping a number of Wave smartphones containing malware on their memory cards.
