When members of the Sysnative forum tried to help a user with a computer problem, they stumbled across something curious.
Windows Update kept randomly being disabled.
Was malware at work, turning off Windows Update to prevent Microsoft patches and security updates from being installed?
No, malware wasn’t to blame. It was Samsung.
Microsoft MVP Patrick Barker discovered that Samsung’s SW Update software was downloading and running a file with the unambiguous name of Disable_Windowsupdate.exe.
And yes, it really does appear to be Samsung’s software which is doing this. Barker confirmed that the executable file is signed by Samsung:
As there are many instances of malware trying to deliberately disable Windows Update in order to get on with their dirty work, I personally wouldn’t feel entirely comfortable if Samsung was going around doing the job for them.
Even if you notice that Windows Update has been turned off and re-enable it, Samsung SW Update will quick as a flash disable it again.
Presumably Windows Update can mess up Samsung SW Update – which has important jobs like updating the various bits of OEM bloatware which came pre-installed on your Samsung laptop – or cause some Samsung-specific drivers to suffer problems.
But turning off Windows Update in its entirety, the Microsoft software with the responsibility for keeping your Microsoft operating system and apps like Internet Explorer updated with the latest security patches, seems like a risky move to me.
Update: Sysnative Forums has been in touch, letting us know that two of its staffers – Brian Drab and Richard “neimro” Burgess – first identified and published information about this issue. Patrick Barker is another staffer on the forum, whose blog post brought the issue to a wider audience.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.