If Lenovo installing spyware on your laptop wasn’t bad enough, we now have another OEM laptop manufacturer digging a hole for themselves: Samsung, maker of lots of things including freighter ships and solid state drives, ships (or shipped, depending on which country you’re in) an app with their laptops called “SW Update Service.” It ships with most recent Samsung laptops, but since you can’t buy them anymore locally, it’s more of an issue for anyone that actually owns one now.

The software is part of a range of software that Samsung shipped on their laptops by default, and its primary purpose is to update the firmware and drivers for the hardware inside the laptop. Not so long ago, notebook vendors weren’t being sold complete kits to assemble a laptop around – they had to source many of the components on their own and they even negotiated deals with companies like AMD, Intel and Nvidia to customise some of the hardware ever so slightly to fit their requirements. As a result, a lot of these notebooks only work with the drivers that Samsung makes for them, and the only way to receive automatic updates for those drivers is to use the SW Update service.

The issue was found by Microsoft MVP Patrick Barker, a programmer specialising in analysis and debugging. He reported it later, after testing how the software worked, to both Microsoft and Samsung. You can follow his entire process on his blog, which delves quite deeply into the inner workings of the program and reverse engineering methodology. Barker even contacted a representative from Samsung about the issue.

Once the news went to town on the internet, Samsung responded swiftly with this statement:

“It is not true that we are blocking a Windows 8.1 operating system update on our computers. As part of our commitment to consumer satisfaction, we are providing our users with the option to choose if and when they want to update the Windows software on their products.

We take product security very seriously and we encourage any Samsung customer with product questions or concerns to contact us directly at 1-800-SAMSUNG.”

A few hours later, Microsoft hit back with their own statement on the matter:

“Windows Update remains a critical component of our security commitment to our customers. We do not recommend disabling or modifying Windows Update in any way as this could expose a customer to increased security risks. We are in contact with Samsung to address this issue.”

Bear in mind, though, that the software isn’t actually disabling Windows Update entirely – it is merely auto-selecting the option that users have to “let me choose what to download and install”, which means that any updates done to the machine should be performed manually. Is that a good choice for users who aren’t technically savvy? Not at all. Samsung is putting a lot of user machines at risk by not allowing critical security patches to bypass their software, and if someone were to turn this harmless app into malware, they’d be able to keep thousands, if not hundreds of thousands, of machines from auto-updating to the latest patches.

Source: BSOD Analysis, Hexus,