Kaspersky accuses Microsoft of monopoly abuse

• Unsupported products disabled without warning
• Kaspersky files complaints in Russia and the EU

THIS is hardly the first time that the leviathan of Seattle has been accused of anti-competitive trade practices. And it certainly will not be the last either.

Billionaire Russian anti-virus developer Eugene Kaspersky is now complaining about Microsoft and Windows 10. His complaint mirrors that of videogame legend, Tim Sweeney, who accused Microsoft of trying to kill off Steam.

Kaspersky's gripe is the way Microsoft bundles its own free security software, Defender, with Windows 10. He opines that Microsoft has created barriers to third party security solutions and is acting against the interests of such developers.

Accordingly, Kaspersky says the company has filed complaints with competition authorities in the EU and Russia. He has asked them to compel Microsoft to cease its anti-competitive behaviour.

From Microsoft's perspective, it is caught between a rock and a hard place. With sophisticated hacks and ransomware on the rise, unlike the days of Windows 95, Microsoft is now very focussed on security. Far too many Windows users are lackadaisical about security and do not bother to install a third party anti-virus product. With Windows 10 Defender, Microsoft wants to ensure that every Windows system has at least a basic level of protection.

Since Windows 8, the built-in MS anti-virus software automatically disables itself if it detects a third-party product installed and up-to-date. This was also a ploy to keep its OEM partners happy. Many OEMs get royalties from the pre-installed anti-virus software.

If the third party security product expires, Windows 10 will display warnings for a few days. If the user opts to do nothing about these, the expired product gets disabled and Defender will turn on automatically.

In his blog, Kaspersky complains about a number of Windows 10-specific issues. Firstly, when upgrading to Windows 10, the operating system detects certain 'unsupported' anti-virus programs and uninstalls them. This happens even if the user elects to keep personal files and apps. From Microsoft's perspective, outdated or unsupported security software is too risky to keep.

According to Kaspersky, when Windows 10 and its subsequent major updates were released, anti-virus companies were left out in the cold. There were only a few days between a Windows 10 beta release hitting the Insider Program and final shipments to end users. In fact, with recent Insider Preview builds, Microsoft has included a warning that certain third party security products will be disabled.

"Let’s say you’ve an independent AV. You intentionally – or not (e.g., with bundled software) – install a trial version of a different AV, but forget to delete it or purchase a license for it," says Kaspersky. "When the trial period is up, Windows quietly turns off both AVs, and – you guessed it – turns on Defender! So, it’s out with two non-Microsoft products, and in with one Microsoft product, in no way whatsoever for a more comfortable – or safer – user experience."

Kaspersky now demands that regulators force Microsoft to "provide new versions and updates of Windows to independent developers in good time so they can maintain compatibility of their software to Windows."

The problem with this argument is that this 'issue' affects not just Kaspersky. Other anti-virus vendors like AVG also face the same hurdles. And they seem to have had no problems launching compatible products on time.

Kaspersky also wants the Windows 10 install/upgrade process to change. He wants Windows to make it really clear that incompatible anti-virus software will be disabled. Currently, the notification that incompatible software has been removed during the upgrade is only shown after the upgrade has been completed. Kaspersky also wants Microsoft to specifically recommend the installation of compatible third party versions after the upgrade.

This proposed change will affect other non-security related products as well. These include third party VPN clients and Windows optimisation tools.

Finally, Kaspersky is critical of the way Windows10 defaults to Defender. Windows warning screens encourage users to enable Defender. This immediately disables third party products - even if the product is working correctly and up-to-date. Kaspersky wants Windows to always explicitly ask permission before enabling Defender.

In Kaspersky's view, Microsoft's decisions around Defender is part of a pattern to completely cut out third party developers. Like browsers, anti-virus vendors are now in Microsoft's cross hairs. 

Kaspersky says Microsoft is building a "totalitarian/police-state platform in which there's no place for independent developers or freedom of choice for users."

Although complaints may have been filed with the competition authorities, it is unlikely they will move quickly. And the remedies may not be particularly palatable to the consumer.

One of Kaspersky's proposed remedies includes delaying the release of major Windows updates to give anti-virus developers more time to update. This would also mean delaying the availability of Windows 10 bug fixes, security updates and new features to users.

With this controversy bubbling to the surface, DNA took the opportunity to interview Jesmond Chang, Head of Corporate Communications at Kaspersky Lab Asia Pacific.

DNA: Windows Defender is free for users. How can you describe the inclusion of free software as anti-competitive?

I wouldn't say that Windows Defender is free – its cost is included in the Windows OS cost, as well as cost of other software Microsoft develops for Windows. Not only Kaspersky Lab, but also other independent developers are worrying today that Microsoft is abusing its dominant position  in the market to create competitive advantages for its own software and exclude other competing security software manufacturers.

This problem touches not only cybersecurity vendors, but also developers of games, browsers, search engines, and many others around the world. We conduct negotiations with some of them in order to combine our efforts and to provide users with their inherent right to choose the software which they think are best suited for them.

We believe that freedom of choice contributes to the development of competition and that competition leads to technical progress. That is why we are pleased to know that the Federal Antimonopoly Services of Russia accepted our application and recognised signs of violation of the antimonopoly law by Microsoft. This means for us a first step to an independent market for all Windows developers. The next step for us is to file an application with the European Commission, in which we will also defend our position that all competing applications should have equal conditions for market entry.

Kaspersky Lab provides free solutions for users as well, but free and paid solutions are incomparable in most cases. For example, according to independent test labs, Windows Defender provides a below average experience to other solutions in the market.

As our brief review has also demonstrated, in some cases the IT security technologies built into Windows 10 are insufficient for full-scale protection against malicious attacks. As in previous Windows versions, all possible attack vectors should be blocked using dedicated Internet Security class security solutions.

DNA: In the blog, you complain about annual subscriptions getting out of date and Windows Defender becoming active. One way of stopping this would be to offer a free version which is always active - like AVG. What is stopping Kaspersky from doing this?

We also have many free solutions for different platforms, including Windows: available here. For example, our Kaspersky Free solution is based on the same anti-virus engine that is used in our other products, but has a limited set of features compared to the paid-for products.

DNA: Kaspersky blog also accuses Windows Defender of offering inadequate protection. In your opinion, what threats are not covered by Defender?

Defender noticeably lags behind on the functionality front. it doesn’t have a built-in VPN, webcam protection, password manager, backups, exploit prevention, protection for online banking, shopping, proactive protection against future threats and hundreds of other features which are all useful in providing maximum protection and a better user experience.

Related Stories:

Akamai releases Q3 2016 State of the Internet / Security Report

No silver bullet to perfect network security

Ensuring Malaysia’s food security with IoT-BDA

For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.