Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:45 PM
Connect Directly

Microsoft Abusing Market Dominance In AV Space, Kaspersky Lab Says

Redmond is unfairly shutting out rivals and uninstalling third-party tools without user permission, Kaspersky says.

Software vendor Kaspersky Lab wants Microsoft to stop being a bully and give smaller companies like it a fair shot at competing in the highly competitive market for antivirus products.

The Moscow-based company this week filed complaints with antitrust authorities in the European Union, Russia, and elsewhere over what it claims are anti-competitive practices by Microsoft.

It accused the Redmond-based behemoth of abusing its dominant market position to foist the Microsoft Defender antivirus product on end users while creating obstacles for rivals to get their products in front of them.

“We think that Microsoft has been using its dominating position in the market of operating systems to create competitive advantages for its own product,” said Eugene Kaspersky, the CEO and founder of his eponymously named security firm.

“[Microsoft] is also creating obstacles for companies to access the market, and infringes upon the interests of independent developers of security products,” Kaspersky said in a sharply worded diatribe on the company’s blog.

Kaspersky listed several issues that he said highlighted Microsoft’s abusive practices.

One gripe involves what he says is the nasty habit by Windows 10 to change settings, uninstall user-installed third-party apps and replacing them with Microsoft apps, without so much as a ‘by your leave’.

For example when a user upgrades to Windows 10, Microsoft automatically deactivates any "incompatible" security software it finds on the system and installs Defender instead.

Independent software developers were given just seven days before the release of Windows 10 to make their software compatible with the new operating system. So it is not surprising that many products installed on user systems are incompatible, Kaspersky said.

When a user does have a compatible AV product, Windows 10 displays an alarming-sounding notice urging users to click and button for activating Defender. But when they do click on the button it also deactivates any other third-party antivirus product on the system, Kaspersky claimed.

Microsoft has also made it harder in Windows 10 for users to know when their existing license for a security product might have expired so they don’t renew it in a timely fashion. In such instances, Microsoft simply deactivates the product and turns Defender on instead.

“Actually, Microsoft’s actions aren’t only making things worse for users and killing off the whole ecosystem of independent developers; they’re also undermining users’ trust in Microsoft,” he said,

Specifically, Kaspersky Lab wants antitrust authorities in the various countries where it has raised the issue, to make Microsoft provide new Windows versions and updates in a quicker fashion to independent developers so they can maintain compatibility of their software with the operating system.

Kaspersky Lab also wants Microsoft to explicitly inform users about the presence of potentially incompatible software on their systems when upgrading Windows and about the need to install compatible versions of the same software after the upgrade. Lastly, the company wants regulators to ensure that Microsoft does not enable Windows Defender by default on end user systems and instead require explicit permission from users before doing so.

In a statement Friday, Microsoft did not respond to any of the complaints raised by Kaspersky in his blog. Instead the company noted its long history of cooperation with Kaspersky Lab and its commitment to complying with Russian laws. “The company hasn’t received an official notification from [Federal Antimonopoly Service],” the statement said referring to the body that enforces Russian fair competition laws. “As soon as we get it, we will review it carefully,” the statement noted.

Despite long-standing analyst prognostications about the commoditization of the antivirus market space and the growing inadequacy of these tools against modern threats, demand for AV products such as those sold by Kaspersky continues to be robust and is serviced by numerous vendors.

At the end of last year Microsoft led the market with an early 16% share, followed by Avast and Malwarebytes with 15% and 11.6%, respectively, according to market share numbers from OPSWAT. Avast’s $1.3 billion purchase of AVG earlier this year has put the combined entity on top of the pile.

Kaspersky meanwhile ranks in the Top 10 AV vendor list with a market share of around 4%.

Related stories:


Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
User Rank: Moderator
11/12/2016 | 4:54:47 AM
prayer times

Kaspersky is a monopoly in their field and in their area, so that he did not, it will be accepted with a positive assessment. 


User Rank: Apprentice
11/12/2016 | 6:42:30 PM
http://www.192168ll.net/ www.192168ll.net
Russia investigates Microsoft for allegedly blocking Kaspersky software.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-07
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates the expected decoded ...
PUBLISHED: 2020-07-07
Froala Editor before 3.0.6 allows XSS.
PUBLISHED: 2020-07-07
The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either via links or by directly calling the activity. However, the deeplink format is not properly validated...
PUBLISHED: 2020-07-07
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter.
PUBLISHED: 2020-07-07
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter.