Manufacturers sometimes do some pretty inexplicable things to their products in the name of helping end users. For example, it has recently been discovered that Samsung is quietly and automatically installing an application on their laptops, through the company's software updater tool, that disables Windows Update.
The app in question is reportedly called "Disable_Windowsupdate.exe", and does exactly that: it disables Windows Update, and will continuously do so on each reboot even after a user re-enables it. The tool is digitally signed by Samsung Electronics, and is installed silently through their SW Update software without the user's knowledge.
This suspicious activity was discovered by Microsoft MVP Patrick Barker while attempting to troubleshoot a Windows Update issue on a Samsung laptop. It's unknown which laptops are affected, though the first reports highlighting this behavior appeared as early as April 2015, as The Next Web notes.
According to a Samsung support representative speaking to Barker, the app is installed to prevent Windows Update from installing incompatible driver updates. The rep said, via online chat:
When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.
While the support rep gives us some idea of the motive behind silently installing this app, both Samsung and Microsoft are yet to make an official statement on the matter.
Disabling Windows Updates in this fashion is bad for a number of reasons, even if Samsung wants to prevent it from installing incompatible drivers. Firstly, disabling Windows Update prevents users from receiving critical security patches, leaving them vulnerable to attacks. Preventing a user from receiving security patches is not something a company should be doing, ever.
Secondly, the way in which Samsung's SW Update tool installs this app (allegedly over a non-secure protocol) is vulnerable to attack. If someone with malicious intent compromises Samsung's server, intercepts the update delivery mechanism, or compromises Samsung's certificate, all sorts of malware could be installed on Samsung's laptops without a user knowing about it.
And finally, it's unlikely that a driver update installed through Windows Update will completely break a device. Microsoft does a pretty good job of installing correct, working drivers through automatic updates, so there's no real need for an OEM to disable their installation by disabling Windows Update entirely.
Hopefully Samsung will see the error of their ways, and release an update through their SW Update tool that automatically removes this unnecessary behavior.