Samsung to disable software which cripples Windows Update

Responding to a public outcry, Samsung has reaffirmed its commitment to security – and its partnership with Microsoft – and vowed to stop turning off automatic Windows Updates.

Last week the news broke that Samsung had installed a program called disable_windowsupdate.exe as part of its Samsung Software Update. The name of the process perhaps overstated exactly what it did – rather than turning off Windows Update altogether, it automatically changed the setting from “Install updates automatically (recommended)” to “Check for updates but let me choose whether to download and install them”.

Effectively it meant that a user would not be able to set his computer to automatic updates because every time the system was rebooted, Samsung's disable_windowsupdate.exe would secretly change it back.

From a security point of view, it may have left some computers with out of date operating systems because they hadn't been receiving the latest patches from Microsoft.

The problem was discovered by a group of enthusiasts on sysnative.com who were helping a visitor, wavly, who noticed the problem on his computer. Over the course of two weeks, a number of members – led by moderator BrianDrab – worked with wavly to diagnose the problem and uncover the offending program.

Following a blog post by Patrick Barker, the story quickly blew up, hitting headlines in many mainstream as well as specialist publications.

Reaction has been mixed, with some people commenting on Barker's blog that it's a “non-event” while others have pledged to never buy Samsung products again.

Samsung issued this statement on Friday: “Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days."