Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:45 PM
Connect Directly

Microsoft Abusing Market Dominance In AV Space, Kaspersky Lab Says

Redmond is unfairly shutting out rivals and uninstalling third-party tools without user permission, Kaspersky says.

Software vendor Kaspersky Lab wants Microsoft to stop being a bully and give smaller companies like it a fair shot at competing in the highly competitive market for antivirus products.

The Moscow-based company this week filed complaints with antitrust authorities in the European Union, Russia, and elsewhere over what it claims are anti-competitive practices by Microsoft.

It accused the Redmond-based behemoth of abusing its dominant market position to foist the Microsoft Defender antivirus product on end users while creating obstacles for rivals to get their products in front of them.

“We think that Microsoft has been using its dominating position in the market of operating systems to create competitive advantages for its own product,” said Eugene Kaspersky, the CEO and founder of his eponymously named security firm.

“[Microsoft] is also creating obstacles for companies to access the market, and infringes upon the interests of independent developers of security products,” Kaspersky said in a sharply worded diatribe on the company’s blog.

Kaspersky listed several issues that he said highlighted Microsoft’s abusive practices.

One gripe involves what he says is the nasty habit by Windows 10 to change settings, uninstall user-installed third-party apps and replacing them with Microsoft apps, without so much as a ‘by your leave’.

For example when a user upgrades to Windows 10, Microsoft automatically deactivates any "incompatible" security software it finds on the system and installs Defender instead.

Independent software developers were given just seven days before the release of Windows 10 to make their software compatible with the new operating system. So it is not surprising that many products installed on user systems are incompatible, Kaspersky said.

When a user does have a compatible AV product, Windows 10 displays an alarming-sounding notice urging users to click and button for activating Defender. But when they do click on the button it also deactivates any other third-party antivirus product on the system, Kaspersky claimed.

Microsoft has also made it harder in Windows 10 for users to know when their existing license for a security product might have expired so they don’t renew it in a timely fashion. In such instances, Microsoft simply deactivates the product and turns Defender on instead.

“Actually, Microsoft’s actions aren’t only making things worse for users and killing off the whole ecosystem of independent developers; they’re also undermining users’ trust in Microsoft,” he said,

Specifically, Kaspersky Lab wants antitrust authorities in the various countries where it has raised the issue, to make Microsoft provide new Windows versions and updates in a quicker fashion to independent developers so they can maintain compatibility of their software with the operating system.

Kaspersky Lab also wants Microsoft to explicitly inform users about the presence of potentially incompatible software on their systems when upgrading Windows and about the need to install compatible versions of the same software after the upgrade. Lastly, the company wants regulators to ensure that Microsoft does not enable Windows Defender by default on end user systems and instead require explicit permission from users before doing so.

In a statement Friday, Microsoft did not respond to any of the complaints raised by Kaspersky in his blog. Instead the company noted its long history of cooperation with Kaspersky Lab and its commitment to complying with Russian laws. “The company hasn’t received an official notification from [Federal Antimonopoly Service],” the statement said referring to the body that enforces Russian fair competition laws. “As soon as we get it, we will review it carefully,” the statement noted.

Despite long-standing analyst prognostications about the commoditization of the antivirus market space and the growing inadequacy of these tools against modern threats, demand for AV products such as those sold by Kaspersky continues to be robust and is serviced by numerous vendors.

At the end of last year Microsoft led the market with an early 16% share, followed by Avast and Malwarebytes with 15% and 11.6%, respectively, according to market share numbers from OPSWAT. Avast’s $1.3 billion purchase of AVG earlier this year has put the combined entity on top of the pile.

Kaspersky meanwhile ranks in the Top 10 AV vendor list with a market share of around 4%.

Related stories:


Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
11/12/2016 | 6:42:30 PM
http://www.192168ll.net/ www.192168ll.net
Russia investigates Microsoft for allegedly blocking Kaspersky software.
User Rank: Moderator
11/12/2016 | 4:54:47 AM
prayer times

Kaspersky is a monopoly in their field and in their area, so that he did not, it will be accepted with a positive assessment. 


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-07
MobileIron Core and Connector before, 10.4.x before, 10.5.x before, 10.5.2.x before, and 10.6.x before, and Sentry before 9.7.3 and 9.8.x before 9.8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
PUBLISHED: 2020-07-07
MobileIron Core and Connector before, 10.4.x before, 10.5.x before, 10.5.2.x before, and 10.6.x before allow remote attackers to bypass authentication mechanisms via unspecified vectors.
PUBLISHED: 2020-07-07
MobileIron Core and Connector before, 10.4.x before, 10.5.x before, 10.5.2.x before, and 10.6.x before allow remote attackers to read files on the system via unspecified vectors.
PUBLISHED: 2020-07-07
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affecte...
PUBLISHED: 2020-07-07
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling `event.preventDefault()` on all new-window events where the `url` or `options` is not ...