Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Be aware Samsung disable Windows Update to run its bloatware

The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware opening users to cyber attacks. The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware leaving is customers wide open to cyber attack. Barker discovered that Samsung disable Windows update after a […]

Be aware Samsung disable Windows Update to run its bloatware

The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware opening users to cyber attacks.

The security researcher Patrick Barker discovered that Samsung is disabling Windows Update to run its own bloatware leaving is customers wide open to cyber attack.

Barker discovered that Samsung disable Windows update after a Windows user complained that the update system was being randomly disabled.

“SW Update is your typical OEM updating software that will update your Samsung drivers, the bloatware that came on your Samsung machine, etc. The only difference between other OEM updating software is, Samsung’s disables WU.” Barker wrote in a blog post.

The expert discovered that the update service was disabled by a software procedure called SWUpdate that Samsung bundles on its computers to handle driver updates for the Samsung hardware.

windows update

The SWUpdate code runs the executable called Disable_Windowsupdate.exe.

-  
 GENERAL_EXECUTION  
 -  
 EXCUTION_FILE_NAME  
 64\Disable_Windowsupdate.exe  
   
   
   
 <FromProductDate/>  

When the expert discovered the executable was concerned that it might be a malware, but further analysis revealed that the suspect code is signed by Samsung.

The expert contacted the Samsung technical support for comment and this is the reply:

“When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.”

Windows Update is a critical component for the security of computers running the popular OS, it is necessary to verify that is is enabled to download the security patches.

It’s not the first time that stub of code, or entire applications, pre-installed on PCs expose users to the risk of attack.

Why Samsung was disabling Windows Update? No doubts that by disabling Windows Update the popular OS will not receive any security fix with serious consequences.

Stay tuned!

Pierluigi Paganini

(Security Affairs – Windows Update, security)