Windows Update Silently Installs LG Monitor App, Pushing McAfee Ads
Users report Windows Update automatically installing an LG monitor application that displays unsolicited McAfee advertisements, raising privacy and consent concerns.

A recent user report has surfaced, detailing an alarming instance where Windows Update silently installed an application associated with LG monitors, which subsequently began displaying advertisements for McAfee antivirus software without any user initiation or consent. The incident, first highlighted on Reddit, has ignited discussions about the transparency and user control mechanisms within the Windows ecosystem.
The application, identified as an "LG Monitor App Installer," appeared on users' systems following a routine Windows update. According to user accounts, the installation occurred in the background, with the promotional McAfee ads appearing shortly after the system logged in. This unexpected behavior has led to concerns about the potential for intrusive software distribution through ostensibly trusted update channels.
Further investigation by users revealed that the application was installed via the Microsoft Store as part of a background update process linked to hardware metadata. Windows is designed to automatically install device-specific companion applications for peripherals like monitors, printers, and GPUs to enhance functionality. In this particular case, it appears that systems connected to LG displays triggered the deployment of LG-related software.
While Microsoft allows original equipment manufacturers (OEMs) to distribute companion apps, the silent nature of this installation, coupled with the unsolicited third-party advertising, has drawn criticism. Cybersecurity and privacy advocates are questioning the lack of explicit user consent and the potential for such practices to normalize the distribution of potentially unwanted programs (PUPs) or adware.
Technically, the installation event can be traced using the Windows Reliability Monitor. By accessing this tool through the command perfmon /rel, users can review system events to pinpoint when the application was installed and identify its source. This diagnostic capability helps confirm whether the deployment was indeed tied to a Windows Update or a Microsoft Store background process.
To prevent similar occurrences, advanced users can modify local Group Policy settings. Enabling the "Prevent automatic download of applications associated with metadata" policy in gpedit.msc can halt the automatic installation of device-related applications without explicit user approval. For those seeking stricter control, disabling the Microsoft Store entirely through group policy is also an option to limit background app deployments.
This incident underscores a broader concern within the Windows environment regarding the blurred lines between legitimate OEM software distribution and unwanted bloatware. While hardware manufacturers aim to provide enhanced functionality through their apps, the absence of clear opt-in mechanisms erodes user trust. As of now, neither Microsoft nor LG has officially commented on the reported behavior.
Users who encounter similar unsolicited installations are advised to review their recently installed applications, monitor system changes following updates, and promptly remove any unwanted software. The situation emphasizes the critical need for users to maintain visibility into system modifications, even those originating from seemingly secure update channels.