Samsung computers are quietly installing an app that disables Windows Update

Samsung computers are quietly installing an app that disables Windows Update
Credit: Shutterstock

Anyone who’s purchased a new Samsung laptop has probably run into the company’s “software updater” tool, which promises to keep apps and drivers up to date on your computer.

That software does something slightly sinister in the background, however: it disables Windows Update. A post by Microsoft MVP, Patrick Barker, details a small application that’s quietly installed in the background to block updates.

The app, conspicuously named Disable_Windowsupdate.exe, is installed automatically without the owner’s knowledge. According to a support representative, it’s there to stop the computer from automatically downloading drivers from Windows Update that could be incompatible with the system or cause features to break.

Unfortunately for Samsung it also appears to change the user’s update settings and disables Windows Update entirely. Once installed, the app even disables Windows Update after the user re-enables it.

Samsung’s software update service doesn’t actually ship with the application installed, it’s silently downloaded in the background at a later time from a non-HTTPS server and installed without asking the user.

Disable_Windowsupdate.exe is signed with Samsung’s security certificate, confirming the company did create it.cert

Barker found the tool accidentally as he was trying to troubleshoot a user’s problem with Windows Update, where he was unable to get it to stay enabled after a reboot.

It’s unclear which Samsung computers are affected by the app, however questions about the suspicious app have surfaced a number of times online, with the earliest mention dating back to April 2015.

Disabling Windows Update without the user’s knowledge is unacceptable, let alone actually quietly installing an app over the internet in order to do it.

Samsung delivering the app via a non-secure protocol also means that if the server were to be compromised, it could allow an attacker to quietly install apps without you ever knowing about it.

In the meantime, if you’re a Samsung computer owner it’s worth checking for the presence of the tool at the below folder by opening a ‘run’ dialog (hit the Windows key + R) and paste in the below:


We’ve contacted Samsung for comment about the tool and will update when we hear back.

Update 25/6: A Samsung spokesperson gave TNW this statement:

“It is not true that we are blocking a Windows 8.1 operating system update on our computers. As part of our commitment to consumer satisfaction, we are providing our users with the option to choose if and when they want to update the Windows software on their products.

The problem with this statement is that it appears to be untrue — the software does disable Windows Update and does not warn them about it. Microsoft told VentureBeat that it’s working to fix the Samsung issue and it appears that the company is trying to downplay how important this really is.

We’re pushing for more information about what Samsung will do to resolve this issue.

Update 30/6: Samsung says it will remove the software from affected user’s computers:

“Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days. Samsung remains committed to providing a trustworthy user experience and we encourage customers with product questions or concerns to contact us directly at 1-800-SAMSUNG.”

➀ Samsung deliberately disabling Windows Update [Debugging and Reverse Engineering]

Read Next: Lenovo caught installing adware on new computers

Image credit: Gil C /

Read next: Google ascends Yosemite's El Capitan for the first vertical Street View images

Shh. Here's some distraction