Friday, 24 March 2017
Computing Security

Samsung Computers quietly installing a Program that Maliciously disables Windows Update

Samsung have been alleged to be stealthily installing unwanted software to its branded computers which seems to disable Windows update on such computer.

According to a Microsoft forum post, a Microsoft MVP found out how a background service installs an unwanted program secretly that disables Microsoft’s Windows update automatically.

If you are using a Samsung computer, you should be familiar with the “Samsung software updater tool“. The updater tool takes care of all the updates, including drivers and apps related to the laptop.

This kind of service is not new and all major laptop vendors, for example, Dell also use special software backup and update tool for keeping the computer system updated.

The main culprit in Samsung fiasco is the program, known as Disable_Windowsupdate.exe. The app/service back-doors to the system without anyone’s permission including the owner.

The program is not loaded to the Samsung computer at factory, but is secretly loaded to a users computer without their permission, probably when they connect online. To make matters worse, the Samsung Update tool completely blocks Windows update.

Even if the user re-enables Windows update, the tool will reverse it back to disabled, making this tool effectively a malware if you ask me.

To make the scenario much worse, the malware is download through a non-secure (i.e. non-HTTPS) server. The non-secure line can be used by a hacker for load malicious payloads, all without any permission requirements.

To check whether your Samsung computer is affected by the tool, type the following in the run dialog box. Run dialog box can be opened by pressing, Windows Key + R. Paste the following command in the Run dialog box:

%ALLUSERPROFILE%\ProgramData\Samsung

If you find the program on your Samsung computer, you can remove it from your system through the Control Panel.

The flaw was first pointed out by Baker, a Microsoft MVP, who discovered the issue while trying to troubleshoot a PC that could not keep the Windows Update ON even after manual resets.

Samsung has seriously broken a lot of protocols and has also played with the users trust. Let’s hope that this bug gets fixed soon, most especially in time before the launch of Windows 10.

For it is not clear how extensive the issue is or which Samsung computers are affected, you can just check your PC using the solution above.

Have anything to add to the story? Comment below and let us know.