Kaspersky Takes Aim At Microsoft, Alleging Antitrust Violations Around Anti-Virus And Windows 10 Updates

Kaspersky Lab is taking aim at Microsoft, alleging the software vendor is edging out competitors in ways that violate antitrust laws with its latest Windows 10 update.

Kaspersky alleged that it was only given one week to make its software compatible with the latest security updates to Windows 10. The Moscow-based company said that included automatically deactivating all other anti-virus software and replacing it with Windows Defender anti-virus, limiting the number of anti-virus companies on a PC to one (other than Defender), as well as urging customers to replace compatible anti-virus alternatives with Windows Defender. Kaspersky alleged Microsoft is also limiting the ways for anti-virus companies to alert customers when renewals are due.

Microsoft, Redmond, Wash., did not respond to requests for comment.

[Related: Here's Who Made Gartner's 2016 Magic Quadrant For Endpoint Protection Platforms]

In a blog post late last week, Kaspersky CEO Eugene Kaspersky said he used to respect Microsoft's efforts to increase the security of its operating system, but the recent moves by the company have "left me very disappointed and dismayed." He said the changes make it clear that Microsoft's previous steps around security and overhauling of its operating system were part of a move to squeeze out independent software vendors.

"The trend is clear: Microsoft is gradually squeezing independent developers out of the Windows ecosystem if it has its own application for this or that purpose," Kaspersky said in the blog post. "In doing so, Microsoft is acting against the interests of users since a lot of its products are of inferior quality."

On Friday, the Russian antitrust authority opened an investigation into the issue, saying it will look into whether Microsoft violated country laws that prohibit companies from using their market position to prevent competitors from operating against them. In a statement about the investigation, Deputy Head of the Federal Antimonopoly Service Anatoly Golomolzin said the agency is looking into whether Microsoft's actions lead to an "unreasonable advantage" for the vendor.

"Our task is to ensure equal conditions for all participants on this market," Golomolzin said in a statement. Kaspersky said he has also urged the European Union to take action.

Kaspersky said he is pushing for Russia and the European Union to require Microsoft to provide updates to software developers well in advance of their release, inform users of incompatible software before updates, and ask users for permission before enabling Windows Defender.

"Diversity of an open ecosystem is an essential condition of its security. Competition gives rise to new ideas; technologies get polished, infrastructure gets developed, and all-round security gets raised," Kaspersky said in his blog post. "I hope we can find a resolution to this issue. I hope that we can work together with Microsoft not only for the benefit of the independent development community, but also – and more importantly – for those who trust us to protect them in the evolving threat landscape. Our companies need to be fighting cybercriminals together instead of fighting each other, and I have hope that this is still possible," he continued.

CRN reached out to other major anti-virus vendors, including Intel Security, Symantec and AVG (now part of Avast), about their own offerings and if they intend to file a lawsuit but had not heard back as of press time.

The concerns from Kaspersky come as Microsoft builds on its security portfolio, including making acquisitions and rolling out "enterprise-level security" changes to its new Windows 10 operating system. Microsoft has also received a lot of pushback for its efforts to push users to upgrade to Windows 10, with customers complaining about constant upgrade reminders and advertising for promoted third-party applications. This push has led to reports of some users turning off the upgrade option entirely, which would leave them out of the loop of critical security updates.

Solution providers said the lack of warnings and instantaneous updates are concerning especially around the impact it could have on third-party anti-virus offerings they sell to their customers. One solution provider executive, who partners with Kaspersky and other anti-virus vendors but did not want to be named, said this type of push could have major implications for customers, especially those with large deployments of anti-virus offerings.

"Do you just let your car manufacturer push automatic updates to your car? No, because you could be driving it," the executive said. "You need to understand what these things could be and what the impact could be."

Another concern, the executive said, is that Microsoft's anti-virus offering is "not something I would recommend" based on its third-party ratings. In its 2016 Endpoint Protection Platform Magic Quadrant ranking, Gartner named Microsoft as a "niche" player, saying it is a "reasonable solution" for those already invested in the Windows ecosystem but still relies heavily on signatures, making test results "very low," and lacks other security capabilities.

The executive said it is important for solution providers to understand what is running on their customers' environments and how changes by Microsoft around security impact those offerings.

"You have to understand what your business runs on, the technology it runs on and how it's impacted. … Everyone has their whole lives on the platform, but they don’t understand the platform from a security and an update perspective," the executive said.