UPDATE:Â Microsoft has issued a statement about these complaints. I’ve added it at the end of the article. –Paul
Kaspersky Lab announced today that it has filed formal antitrust complaints against Microsoft in Europe, alleging that the software giant engages in anti-competitive business practices.
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
“We see clearly—and are ready to prove—that Microsoft uses its dominant position in the computer operating system (OS) market to fiercely promote its own—inferior—security software (Windows Defender) at the expense of users’ previously self-chosen security solution,” Kaspersky Lab CEO Eugene Kaspersky explains. “Such promotion is conducted using questionable methods, and we want to bring these methods to the attention of the anti-competition authorities.”
According to Mr. Kaspersky, he has filed formal antitrust complaints with both the European Commission and the German Federal Cartel Office. And these complaints follow a similar complaint made in November to the Russian Federal Antimonopoly Service (FAS). (Kaspersky Lab is based in Russia.)
At the time of the November complaint, I noted that some of Kaspersky’s complaints were legitimate and that the central issue he’s raising is one I feel very strongly about, that Windows 10 does indeed stomp all over user preferences during upgrades, and that Microsoft could easily fix this issue.
“Kaspersky’s broad points are well-made,” I wrote. “Microsoft has indeed designed Windows 10 to be more user-hostile than previous Windows versions, though it would argue it has made these changes for customers. The question is whether these changes, especially forced updating and upgrading, will ultimately benefit the user base or just drive them away as reliability problems mount.”
Here’s what Kaspersky is alleging more specifically. I’m providing this in his own words because it is, after all, an accusation.
Windows Defender is included with Windows 10 and cannot be turned off. “Microsoft’s antivirus is hardwired into all versions of Windows 10 for home users,” he writes. “It’s impossible to turn it off completely, impossible to delete.”
Windows 10 makes third-party AV more annoying. “Upon attempts to perform any actions with an independent security solution, users are asked at every step: ‘Do you want to run this program?’, adding: ‘You should only run programs that come from publishers you trust’. It’s as if users are about to commit a wrongful action that violates the default settings from Microsoft.”
Windows 10 makes it impossible for third-party AV to notify users when a subscription runs out. “For three days after the expiry of a license for our security solution and the turning off of protection, we are forbidden—through our own notification system—from informing the user that it might be a good idea to extend the license so that protection could get back up and running,” Mr. Kaspersky writes. “Instead … we’re obliged to use Microsoft’s own notification system—now called Action Center—to which many users pay little attention.”
Windows 10 actually removes third-party AV during an upgrade. “You’re updating your OS, and … Windows decides that your existing security solution is, after all, incompatible with Windows 10, deletes its drivers (leaving a bunch of useless files (the solution won’t work without the drivers), and in its place switches on its own solution,” he explains. “Windows does this without the explicit consent of users, and also with barely any warning: the notification displays on the screen literally for just a few seconds. Moreover, while this notification states in bold ‘We turned on Windows Defender’, the fact that your existing security solution was removed is in small, non-bold print.”
After removing the third-party AV, Windows 10 tricks the user into thinking it’s still installed and working. “After the independent protection is deleted, it stays in the list of installed programs!” he continues. “So users … think their chosen security solution is working (why wouldn’t they? It’s there in the list of installed programs; even the icon on the desktop’s still there) when in fact it’s been deleted. The Disappearing Act was designed so that users don’t return to their independent AV, and stay in blissful ignorance as to what’s actually happened.”
Microsoft doesn’t provide third-party AV vendors with enough time to certify their products against new versions of Windows 10. “Independent developers need two months after receiving the RTM to carry out all their fine-tuning before the release of the Windows update to the public,” he claims. “Earlier, Microsoft would give us the RTM version in good time, but of late this has been reduced to a couple of weeks before releasing to the public.” Further, this behavior is bad for everyone, including Microsoft’s own customers. “While studying new versions of the OS, our experts often find vulnerabilities and mistakes in them and inform Microsoft. And normally there’s time left for Microsoft’s own developers to deal with the discovered bugs before the release of the OS to the public. But if everyone’s in such a hurry, there’s no time for such a luxury.”
Mr. Kaspersky believes that these behaviors are too numerous and indefensible to be anything other than a well-planned strategy aimed at harming his business, and at fooling customers into believing that Windows Defender is superior to third-party AV. He has many examples of the Microsoft Support chain providing incorrect information about AV, and even quotes from a Microsoft video in which the presenter explicitly says, “I want you to think about kicking out the independent antivirus because we’ve got a great solution right now and it’s going to be even better in the months to come.”
He also provides evidence from independent testing labs showing that his own AV solution is vastly superior to that provided by Microsoft. That’s easy enough to look up, and he’s correct.
The question, alas, is whether this behavior constitutes an antitrust violation.
On the one hand, you might argue that Microsoft no longer controls the personal computing market, and without a monopoly it can do whatever it wants with its own products. On the other, the EU is a lot more stringent about keeping the market competitive, and Microsoft has already suffered tremendously there. And recently, too: The “privacy theater” baloney that Microsoft added to the Windows 10 Creators Update happened specifically because of EU (and otherwise European) complaints.
Ultimately, what Mr. Kaspersky wants is reasonable.
“We want Microsoft to stop misleading and misinforming … users,” he concludes. “We want to see all security solutions being able to work on the Windows platform on a level playing field. And we want to see users being able to decide for themselves what they want and consider important to them. We want fair and healthy competition, which has always given excellent results everywhere – no matter in which industry or market.”
UPDATE: Microsoft’s response
“Microsoft’s primary objective is to keep customers protected and we are confident that the security features of Windows 10 comply with competition laws. We’re always interested in feedback from other companies and we engage deeply with antimalware vendors and have taken a number of steps to address their feedback. We reached out directly to Kaspersky a number of months ago offering to meet directly at an executive level to better understand their concerns, but that meeting has not yet taken place.” – Microsoft spokesperson
skane2600
<blockquote><a href="#123021"><em>In reply to nbplopes:</em></a></blockquote><p>In order to evaluate the historical security record of Windows one must consider the environment it was originally designed in: no networking, no Internet, and a processor that had no supervisory capability (in fact the Linux architecture as we know it would have been impossible to implement on a PC in the 80s). The dangers in that era where fewer and the capabilities for security more restricted.</p>
skane2600
<blockquote><a href="#123277"><em>In reply to nbplopes:</em></a></blockquote><p>I'm well aware of Linux and have worked on an embedded Linux product years ago. As I'm sure you are aware Windows NT isn't the first version of Windows and some pre-NT aspects of Windows still exist in Windows 10 today.</p>
Bats
<p>Someone needs to tell Kaspersky that the year 2017 and not 2007. Windows 10 had to evolve past Windows 7 to give users the safest experience they can. Microsoft can not bend their will to accomodate of appease 3rd party software vendors, no matter how better their solution is. Microsoft does not have a duty to 3rd Party Vendors. After all, their products are merely "Extensions." Microsoft has a duty to all Windows Users to ensure their online safety.</p><p>Turning off an AV product to install code into the OS is nothing new. ESET Security informs me when Microsoft has updates to install and encourages me to do so. I do not recall a time when OS updates were installed on my Windows 10 computer and the AV solution was turned off or removed from my system. As a matter of fact, ESET was always on. The question is, what is ESET doing, that Kaspersky is not?</p><p>Based on my experience, I think problem is not Microsoft. The problem is Kaspersky. Plus a competent technologist knows that Kaspersky and BitDefender are two of the most hostile and aggressive AV solutions in the market. Remember what ex-Mozilla developer,Robert O'Callahan said about them? </p><p>I liken these AV products, like Kaspersky, to real life Antibiotics medicine. When people get sick, alot of people go straight for the Anti-biotics because they know it destroys the bad microorganism in the body. What some people don't know or understand is that Anti-biotics also kills all the good microorganisms in the body, as well. That's what these 3rd party AV products are like. They want to control the system, in order to protect from the bad stuff, but in effect they are also destroy the good stuff. Remember what Robert O'Callahan, the ex-Mozilla engineer said about those guys?</p><p>I don't understand why Microsoft can't just make their baked in AV solution the best? When it comes to this, they have the homefield advantage. Why can't they just take advantage of that?</p><p><br></p>
skane2600
<blockquote><a href="#123244"><em>In reply to Eric Dunbar:</em></a></blockquote><p>The idea that MS has a monopoly has always been dependent on an artificially narrow definition of the OS marketplace. Furthermore, anti competitive moves against MS were always about helping poorly performing competitors and was never about consumers. The "remedies" were also entirely about enriching those competitors. Netscape's only value to AOL was the potential to sue MS. Ironically AOL grossly overestimated their government provided payday.</p>