Talk about a right royal mess.
Last week, it was discovered that software pre-installed on Samsung computers had the undesirable (but surprisingly deliberate) side effect of disabling Windows Update, Microsoft’s way of automatically keeping your Windows computer secured with the latest patches including security updates.
As a consequence, the onus was put on Samsung computer owners to update their devices manually with security updates… and we all know how well that works. 🙁
The technology press found out about Samsung’s crippling of Windows Update, which meant users had to manually download install Microsoft updates, after the issue was uncovered on the Sysnative forum and blogged about by forum staffer Patrick Barker.
Many observers were quick to comment that it’s much more common for malware to disable Windows Update than pre-installed software by a South Korean PC manufacturer.
Now, Samsung says it will issue a fix to its SW Update software, allowing Windows Update to run normally.
Samsung, who presumably were on the receiving end of a stern phone call from its business partner Microsoft and concerned that they didn’t want the incident to blow up into Lenovo Superfish-style proportions, announced the turnaround in a statement offered to the press:
“Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days. Samsung remains committed to providing a trustworthy user experience and we encourage customers with product questions or concerns to contact us directly at 1-800-SAMSUNG.”
That’s not quite an apology, but at least it sounds as if they have seen the error of their ways and will be resolving the issue real soon now. Quite why they ever thought disabling Windows Update was a good idea is a mystery to me.
And what makes it worse is that Samsung clearly did what it did deliberately – this wasn’t the case of a software engineer messing up. The offending software, downloaded by Samsung’s SW Update program, was called Disable_Windowsupdate.exe for goodness sake. And if the poor user attempted to re-enable Windows Update downloads, they would simply be disabled again and again.
Source: bsodanalysis.blogspot.com
With Samsung’s patch Windows Update’s settings should be reverted to “recommended” and automatic updates for the operating system should start arriving again.
There is some irony, of course, that Samsung is pushing out an update to the software updater that broke Windows Update. I bet they’re pleased that no-one else turned off their updater, eh?
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsSeptember 06, 2024
September 02, 2024
August 13, 2024