By disabling Windows Update, Samsung was severing its customers' link to the only sanctioned distribution channel for Microsoft software updates, including, as the spokesman noted, vulnerability patches.
"This is a rather sad state of affairs," echoed Andrew Storms, vice president of security services at New Context, a San Francisco-based security consultancy. "Windows Update is there for a reason. It's the de facto channel for Microsoft to distribute updates to their users."
By crippling Windows Update, Samsung was shouldering obligations Microsoft has long assumed, Storms argued. That is, if Samsung was passing along Microsoft's patches. "If this is accurate, it means that Samsung is essentially taking responsibility for distributing patches," Storms said. "Or perhaps distributing their own versions of the patches."
And it that was true, then there was no guarantee Samsung was not interfering in an even more unacceptable fashion. "There is, of course, a possible nefarious angle here," said Storms. "Which was my hint to their own versions of the patches."
Storms was clearly flummoxed by Samsung's apparent disregard for its customers' security. "What's up with these people?" he wondered.
Sign up for CIO Asia eNewsletters.