LG monitors silently install software through Windows Update without consent

924 points - today at 10:21 AM

Source

Comments

devttyeu today at 11:25 AM
This is so much worse that the title makes it out to be:

  1. Your OS installs malware (technically manufacturers software) from a 3rd party vendor in background, zero user interaction
  2. Happens as soon as you or anyone with physical access plug in a device into the HDMI port
  3. That malware has internet and full system access, no sandboxing
  4. It starts with every system boot
  5. This software gets installed when you plug in a new LG monitor
  6. OR ALREADY HAD AN OLDER LG MONITOR PLUGGED IN, BECAUSE LG APPARENTLY ROLLED THIS OUT FOR MANY OLDER MODELS TOO!!
  7. And yes, if you think that's horrendous, as mentioned in the video below, that also applies to 'Professional' LG monitors!

This situation has.. no precedent as far as I can tell..

GamersNexus has a video diving deeper into what LG did here - https://www.youtube.com/watch?v=Q9uefFYe6bM

delta_p_delta_x today at 11:14 AM
Workaround:

  gpedit.msc
  Computer Configuration > Administrative Templates > System > Device Installation
  Prevent automatic download of applications associated with device metadata
  Set to enabled
  OK
On home editions sans gpedit.msc:

  sysdm.cpl
  Hardware tab
  Click Device Installation Settings
  Under 'Do you want to automatically download manufacturers' apps for your devices?', select 'No'
  Save Changes
tialaramex today at 11:29 AM
Assuming they don't get a revenue cut, pushing back on Microsoft can in principle be effective here.

Microsoft decides what happens here, and presumably today they just take it on trust that hardware makers know what software to install. New driver? Sure. McSpam installer? OK. Maybe they have a guideline saying "Don't ship unrelated garbage" but today it's not enforced because why would you do that?

If the Microsoft customers (particularly larger corporate customers) tell Microsoft they hate this that policy will get tightened or if there isn't a policy one is introduced, and outfits like LG get told if you do this again we're taking away your update privileges, 'cos our customers hated this. Because (as I said assuming MS don't get a taste) this is all downside for Microsoft.

Pushing back on LG will be less likely to work because you already bought their product, so at most you can insist you'll forgo LG next iteration and they know such pledges evaporate in practice usually. Whereas Microsoft has contract negotiations every day, somewhere a $$$ contract is being renegotiated next week and if "Yeah, these LG popups suck" comes up - even if it's not a corporate system but the VP's niece's video editing suite for her vlog that's strictly unrelated - that Microsoft sales droid reports this was an impediment and it's on the list of things that don't benefit Microsoft.

gkbrk today at 12:38 PM
A monitor cannot install software on your computer by the way. It's Windows installing this software automatically (for some reason), so the blame should be on Microsoft.

Autorun of malware when you plugged in a USB drive was also a Windows issue, I'd classify this as the same security problem.

OptionOfT today at 5:08 PM
Windows urgently needs to revamp their driver consent model.

You can't block a just one driver. E.g. for my touch screen on the Lenovo website there is version X. When I install it the next day Windows installs X-1.

On Lenovo's website the latest version is 7.7.2.66 (https://pcsupport.lenovo.com/us/en/products/laptops-and-netb...).

Windows reverts that to 7.7.2.44.

I tried blocking that update with the Powershell command-thingy, but even that doesn't work:

    Administrator in ~
    get-windowsupdate -isHidden | ft Status,KB,Size,Title

    Status  KB Size Title
    ------  -- ---- -----
    ----H--    92KB Wacom Technology - HIDClass - 7.7.2.44
(this command by the way takes 20+ seconds), and the filtering doesn't work because there is no KB.
deathanatos today at 5:37 PM
Malware like this will continue until there is privacy laws that make it illegal.

The GN video focuses a lot on consent, and while maybe this is notionally currently illegal without consent, that just steers towards companies shipping a generic ToS popup, claiming you "read" that 1.8 PiB of ToS, and including the "oh btdubs we can modify these terms at any times and if you want to go to court lol forced arbitration has other ideas about that."

MS & Windows having conditioned users to expect / think they need drivers for peripherals speaking standard protocols is also part of this. A monitor shouldn't need a driver. It takes the pixels, it displays the pixels.

GaProgMan today at 11:22 AM
Gamers Nexus have a video about this. Definitely worth a watch.

https://www.youtube.com/watch?v=Q9uefFYe6bM

motbus3 today at 11:34 AM
I am tired of this. LG is now on my blacklist alongside EA and Blizzard Entertainment for their anti consumer practices. I can't change them, I can't change policies about it. I can choose to not buy.
kingleopold today at 11:14 AM
They used to call this spyware/malware. Now it's a regular practice by eng. teams and managers inside these big corp. Well played guys :) Congrats with new type of tricks
lardosaurusrex today at 4:05 PM
I dunno why so many people across different platforms insist that anyone concerned about this is overdramatic.

This is one of those things where if I found the person responsible I would likely spit in their face; if not worse. It's quite literally spyware installed as you plug it in much like those old DVD DRMs from sony that would install spyware.

It's garbage.

regexorcist today at 1:18 PM
Seriously, why use Windows in 2026? Such a hideous OS and ecosystem with endless malware, backdoors, and dark patterns.
thejokeisonme today at 11:14 AM
Your OS silently installs malware. Doesn't get much worse than this.
discordance today at 11:19 AM
McAfee should be classified as a virus
dhash today at 11:20 AM
it's worth noting that the price of these monitors got cut in half due to this news -- great for the linux users out there
sigio today at 11:21 AM
Why do people even install 'drivers' for things like monitors. (Or usb devices running 'standard' protocols). The OS handles these just fine by itself.
ninalanyon today at 9:36 PM
Why does a monitor install anything at all? Why does it even have a mechanism to do so?
lapelusa today at 12:40 PM
LG is not a computer OS developer. Microsoft is. Microsoft has steered from developing software to developing malware for years now. This is simple: LG and McAfee paid MS to DP this, and they did.

It still blows my mind that most people still put up with this kind of behavior. I get that some people can't get away from Windows due to genuinely needing to use software that will only run on it, but that has to be around 0.1% or less of current windows users. There is no justification for the other 99.9% to choose to stay in such a toxic relationship.

paweladamczuk today at 7:03 PM
I once plugged in a Logitech keyboard on a fresh system and got a colorful branded popup covering several inches of screen real estate in the bottom right corner. It was urging me to download some Logitech software.

As far as I know, the source of the graphics was not the unifying receiver that I plugged in the USB port, and the notification was not using any OS API meant for hardware to be avle to prompt the user for additional download. It was a Logitech-built DLL shipped and loaded by the operating system as part of some default driver for the Logitech keyboard.

scottydelta today at 2:44 PM
Similarly after getting annoyed at my TV for showing ads and other privacy issues, I have started working on a smart TV version of the casting device my startup makes.

I have been using it for both personal use and other work use-cases, here is a demo: https://www.youtube.com/watch?v=jObZzI2_pv0

Just like youtube, I can log in to my netflix, amazon prime and then use the touch screen to choose the movie to watch and it gets played on the external screen. I am building it how I would use it as a power user.

Kelteseth today at 11:07 AM
Can confirm. This happened to me yesterday on my Windows 11 machine. Uninstallation was only listed in the Microsoft Store -> Library.
throwa356262 today at 11:27 AM
Last time a company abused platform driver delivery to install adware, Microsoft threatened to pull their drivers altogether.

But those were different times...

Ciantic today at 2:02 PM
I also discovered that these days motherboards come with a payload in their chipset, which gets installed automatically in background unless you figure out to turn it off from BIOS before installing Windows. In my case it was bunch of ASUS useless stuff, not just drivers, some "Armoury Crate" etc. Which just keeps running in background. I've switched to KDE, that kind of solved itself.
callamdelaney today at 2:00 PM
They were doing this over a year ago [1]

[1] https://www.linkedin.com/posts/callam-d-b38b05105_windows-is...

jzer0cool today at 8:08 PM
How to ensure physical devices like keyboard, monitor, mouse are safe? Essentially all recording devices.
throwatdem12311 today at 2:19 PM
Installing drivers and software for connected hardware is just something Windows has done through Windows update for a long time.

Is this a good practice? I don’t really know. We used to get drivers on CDs, but barely anyone has a drive on their computer anymore. You could download them from the vendor website but these are usually a mess and very difficult to navigate to find the right thing — impossible for your grandma.

Could do like Linux and just build trusted software right into the kernel - but then people will complain about bloat.

So we are where we are. I guess.

nipperkinfeet today at 5:53 PM
Over time, major tech companies have learned from malware writers and now incorporate these tactics into their own products. This is a matter of great concern.
ta988 today at 6:40 PM
Windows is malware that pulls other malware.
pluralmonad today at 1:15 PM
A malware OS installing other malware seems fitting.
dcj4 today at 1:00 PM
windows update is a well known malware vector, how does this warrant any news? if you absolutely have to use windows, you either go through the effort of stripping the particular version you chose from all the spyware and malware it comes packaged with and gut the malware loader paths out of it, or you accept that you're running a botnet node you have little to no control over.
inigyou today at 11:28 AM
They also come with terms of service which assert that you will inform everyone in the vicinity of your TV that their voices are being recorded by your TV.
cosmotic today at 8:20 PM
If you're going to blame someone here, it should probably be Microsoft. They are the ones that built the system LG is utilizing.
hangrybear666 today at 10:11 PM
This should not only be illegal in the EU but for the entire world. Malware level shit
Telaneo today at 6:58 PM
My heart aches for those who can't opt out of using Windows.
mfro today at 4:40 PM
Fun fact, Gigabyte motherboards do the same thing. Thankfully they give you an option to disable it in BIOS.
sinoue today at 2:08 PM
Trust is a valuable commodity that once lost is very hard to regain. LG's big brother installs has me questions buying anything LG to bring in my home.
Gud today at 1:04 PM
Not surprised.

My wife CONVINCED me to buy an LG tv instead of my typical dumb monitor.

Now I get constant ads and a constant nagging of updates available, that will install more ads and spying features...

winstonwinston today at 2:52 PM
Microsoft can remove device driver crapware from being distributed via windows update if you can get their attention on this.
buzer today at 2:14 PM
If someone is in EU and is affected by this they could potentially utilize GDPR to make both Microsoft and LG take responsibility for this.

It's hard to say directly from the article if there is any GDPR breach. If everything was part of the installer and it doesn't actually submit anything (including downloading the ad) to LG then it's harder to argue that there is GDPR violation, but knowing the SOP of these kinds of software that is unlikely.

If the software did indeed send personal data to LG then there are at least following question: How was Article 13 notice delivered to user? Article says that this was installed quietly. Did Microsoft deliver Article 13 compliant notice to user at some point? They probably did deliver their own notice (though it's open question if it's compliant), but not LG's. However since Microsoft is the one that installed the software and they exercise control over the standards which must be met, it's possible that they would end up being joint controller at least for some processing.

I should add that Article 13 requires that the notice is given "at the time when personal data are obtained". The only exception is when "data subject already has the information" and possible Article 23 restrictions, but those are unlikely to apply.

If someone wants to make a complaint they should first make Article 15 request to LG. Copy of personal data is useful, but 15(1) information is the primary goal. Additionally ask for information on how and when did LG provide you the Article 13 notice if they did indeed process your personal data.

After that if they cannot show that they provided Article 13 notice when they received your personal data submit a complaint to your local DPA. You can additionally flag other violations as well if they are applicable (e.g. not naming recipients as part of Article 15 response, not giving actual retention time or meaningful information how that is determined, invalid legal basis etc.). You should also flag in the complaint that Microsoft is likely joint controller for some of the processing given that they are the ones who approved the automatic install of the software which violated GDPR.

dev1ycan today at 9:09 PM
The quick state in which we're devolving into a dystopia will eventually be studied a hundred years from now...
infinite_spin today at 1:01 PM
the paranoid part of me thinks this is a war of attrition, where if every company imaginable has to be taken to task for intrusive behavior that we'll eventually grow numb to it, or that with a large enough onslaught we'll never be able to outpace it. It's not like there is profit to be made from preventing this behavior, and incredible incentives to, at minimum, turn a blind eye.
was8309 today at 4:38 PM
the instructions to enable "Prevent automatic download of applications associated with device metadata" don't work for me w/ W11, any ideas? thanks
boomskats today at 11:12 AM
Not great, but also not at all surprising.

Not sure about other solutions, but one suggested workaround here would be to silently uninstall Windows without consent.

rbanffy today at 11:52 AM
At this point, such shenanigans are to be expected when using Windows.

I guess my next machine will have a VGA port ;-)

And no Windows.

astonex today at 11:27 AM
Shame on Microsoft for allowing this
Havoc today at 1:22 PM
Why are hardware manufacturers so shit at software?

Whether it’s router safety or NVIDIA software hammering DNS servers hundreds of thousands of times or this. Across the board they seem below average competent when it comes to software. I get that they’re specializing on hardware but why so very bad?

Edit. This isn’t even the only thread today. See TPlink fucking up on leaking your GPS coordinates also on front page

deleted today at 12:44 PM
tantalor today at 12:41 PM
Windows is malware
variadix today at 3:40 PM
Alienware does the same thing, and as far as I could figure out, there is no way to stop it. The enshitification of Windows at this point is incredible.
DevPulse today at 3:28 PM
I am using an LG ultra wide monitor and have not had any popups or ads.
j45 today at 6:48 PM
This appears to be much worse on so many more fronts than this article says.

It's basically how a virus would infect your computer through a USB Key.

Forcing itself to be installed, hiding what it does, sustaining itself across reboots, bypassing all security restrictions... because a monitor might need something new after all these decades?

throawayonthe today at 11:33 AM
? isn't this normal windows behaviour?
ChrisArchitect today at 5:48 PM
AlienRobot today at 12:42 PM
I have an LG monitor and I think I managed to avoid this by using Linux.
msla today at 5:31 PM
There's two maxims:

You get what you pay for.

If you're the customer, you're the product.

"You get what you pay for" means if you buy proprietary software, you get software from proprietary vendors who act like modern proprietary vendors act these days, which is using every avenue to maximize profits. There's no recourse, because it is proprietary and, therefore, belongs to the software maker, and not you. It is not your property, it is theirs.

Which leads into...

"If you're the customer, you're the product" because customers are valuable products. You willingly bought the service, so your data is data from someone who is interested in the company and probably willing to buy more from it and its partners if the company can target you. Your data, therefore, has resale value, making you a product to be sold.

atoav today at 12:33 PM
Good to know. LG is now on my blacklist.
motbus3 today at 11:37 AM
I think this is how they are going to make us pay rent for what we bought. They will make everything unusable unless you pay more and make some cuckoo TOS saying that you agree to be held in contempt if you circumvent their measurements.

Honestly, if we don't push it back hard, it will only get worse and worse. Why we were cancelling people if they used wrong pronouns and suddenly we got tired of doing the same with stuff that we all should agree on that is terrible.

__MatrixMan__ today at 3:14 PM
It's shit like this that caused me to start refusing to help my mom and her friends with their windows computers. I'm not going to support their shady activities anymore. If you want my help the first thing we're doing is installing Linux.
Hikikomori today at 11:20 AM
Last 2 were LG, been looking at a new one but I guess I'll go with another brand that has their panels.
justsomehnguy today at 11:13 AM
And Razer, Logitech, nvidia and everyone else who has it's driver package accepted into WU.

No, you can't have a "(o) just the driver" checkbox because... honestly there are a lot of reasons and the device manufacturers are the guys who demand that in the first place.

phendrenad2 today at 3:03 PM
All gaming brands try to install software with every driver update. AMD, Nvidia, Razer, Corsair, etc. The difference is LG made it silent, which is a big no-no. Pushback should be on LG, a respected consumer brand that should know better.
grayhatter today at 12:57 PM
So I own 5 LG monitors. But now I can't buy LG. I also refuse to support Samsung.

Are there any high quality panel manufacturers left that aren't run huge pieces of shit? Or at least try to respect the people buying their hardware?

luciana1u today at 11:28 AM
we finally cracked self-installing software, it just turns out the payload is McAfee and the installer is an HDMI cable
GuestFAUniverse today at 1:21 PM
Oh, come on! LG force fed people with ads on TVs. And now everybody acts surprised?

Do. Not. Buy. LG.

There are a lot of decent alternatives. Stop buying from the sick heads.

greatgib today at 12:17 PM
If you had time to spend, I'm wondering if you couldn't sue LG or Microsoft in some countries for something equivalent of "hacking". Like intrusion in a computer network. As it is unsolicited installation of something that is unexpected.

As there is no consequence for them, again there is no reason that it changes or that it doesn't get worse in the future.

jdw64 today at 11:27 AM
In Korea, pretty much all devices come with Windows. It's hard to live outside of Windows. Most programming is done in CPP,C#, and even when people use C, the majority are working on top of an IDE. The OS kernel layer only really appears in things like Samsung phones—the vast majority of work is on the application layer, and most consumers are on Windows on their desktops. It seems unavoidable
anonym29 today at 11:17 AM
If you're using Windows on a personal device in the first place, you're pretty loudly declaring that your consent doesn't matter anyway.

That's not your computer, that's Microsoft's computer. You're the threat model they lock it down against, you're the schmuck that keeps them fed, and you're the possible terrorist/hacker to be surveilled, tagged, tracked, and monitored.

If you care about consent as it relates to your use of technology, you shouldn't be using Windows in the first place, and this has been obvious for well over a decade now.

inventor7777 today at 2:48 PM
Seems like every day I don't use Windows, the less I miss it lol
BoingBoomTschak today at 11:16 AM
[Laughs in Linux/BSD]
deleted today at 2:19 PM
ralphlarry today at 1:26 PM
[dead]
CurbStomper today at 3:08 PM
[dead]
guesswho_ today at 12:41 PM
[dead]
qmr today at 11:43 AM
Beyond tired of the rape mentality from Microsoft and other evil mega corp's.

Remember when you used to own your "personal" computer?

bravo777 today at 3:27 PM
Windows works well most of the time for most people. I have a couple of Windows PC's, both exotic and standard, and I get what I paid for out of them. Humans love to hyper fixate on the failure cases when they're bored, and this is just one of them for Windows.

Mostly anyone who has a need to work for privacy and making their own lives difficult by removing automations deserve working through the barrier of entry to do so.

adamtaylor_13 today at 12:29 PM
This is an excellent use of agentic AI, btw. Fire Claude up and say, "Remove LG malware and mcafee from this computer. Make regex changes so it can't be installed again."

My current windows 10 install is cleaner than any other windows machine I've ever owned due to using Claude to deep dive and rip stuff out.