Getty Images

Microsoft admits Windows 10 disables third-party security software

Microsoft has admitted Windows 10 disables some third-party security software, but claims this is purely because of compatibility issues

Microsoft has indirectly denied allegations by security firm Kaspersky Lab that it is using its market dominance to promote its Windows Defender software by bundling it with Windows 10.

Kaspersky Lab has also accused Microsoft of disabling its antivirus software on Windows PCs, but Microsoft has defended its approach to security.

“We built Windows Defender Antivirus to make a promise to our customers that every Windows 10 device always has protection from viruses and malware,” said Rob Lefferts, director of program management, Windows Enterprise and Security at Microsoft.

“Through our continued investments, our test results are among the top of security industry leaders, including recent real-world testing where Windows Defender Antivirus scored over 99% detection rates,” he wrote in a blog post.

According to Lefferts, Microsoft actively engages with and supports a community of over 80 independent software suppliers through the Microsoft Virus Initiative (MVI) program.

“This engineering program enables us to share key technical details of Microsoft technologies with our antivirus partners to collaborate on future directions and problem solve on existing security challenges to protect our shared customers from malicious software,” he said.

However, Lefferts said Microsoft believes staying current is the most important thing in keeping customers safe and secure. With twice annual updates, Windows 10 delivers new security enhancements to protect against new evolving threats.

Read more about Microsoft

  • Mixed reality could be the next big boom for PC manufacturers, with several Windows headsets joining Microsoft’s own HoloLens.
  • Microsoft’s annual developer event in Seattle opened with a focus on AI, IoT edge computing and a new globally distributed database.

And while Microsoft has ensured compatibility of thousands of supplier applications from day one of an available update and “doubled down” on efforts to help antivirus suppliers be compatible with the latest updates, he said when the latest Windows 10 was released on 11 April 2017, Microsoft’s application compatibility teams found that roughly 95% of Windows 10 PCs had an antivirus application installed that was already compatible with Windows 10 Creators Update.

“For the small number of applications that still needed updating, we built a feature just for antivirus apps that would prompt the customer to install a new version of their antivirus app right after the update completed. To do this, we first temporarily disabled some parts of the antivirus software when the update began.”

Admission out of the way, Lefferts said this work was done in partnership with the antivirus partner to specify which versions of their software are compatible and where to direct customers after updating, but made no specific mention of Kaspersky Lab.

“Microsoft supports a rich ecosystem of security partners,” he said, and once a customer has installed an active and up-to-date antivirus program, it will run without notifications or interference from Windows, and that Windows Defender Antivirus does not run periodic scans without explicit customer action or provide protection until the chosen third-party antivirus has expired and is no longer protecting the Windows 10 device.

“If antivirus software is protecting our customers, Windows Defender Antivirus will stay off. If a customer does allow an antivirus application to expire, Windows Defender Antivirus is automatically turned on so they are not left unprotected,” said Lefferts.

Always-on security

Microsoft appeared to be gearing up to use the principle on “always-on security” and compatibility issues in defending against the allegations by Kaspersky Lab, but one of the key complaints by the security firm was that Microsoft has reduced compatibility testing from 60 days to just six days, which Kaspersky Lab said was not enough time to fully test its latest Windows 10 upgrades to ensure existing software is compatible.

According to Eugene Kaspersky, co-founder and CEO of Kaspersky Lab, Microsoft has made some changes in response to the security firm’s complaint to Russia’s Federal Antimonopoly Service, but these changes do not go far enough.

Kaspersky complains that Microsoft’s antivirus is hardwired into all versions of Windows 10 for home users and is impossible to turn it off completely or delete, Windows 10 continually questions users whether they want to run third-party security software, and Windows 10 upgrades delete third-party security software drivers.

“We want to see all security solutions being able to work on the Windows platform on a level playing field. And we want to see users being able to decide for themselves what they want and consider important to them,” he wrote in a blog post.

“Besides, we want fair and healthy competition, which has always given excellent results everywhere – no matter in which industry or market. We invite all our competitors and colleagues to join us: as we’ve already shown, turning to antitrust bodies does bring positive change.”

Alternative web browsers

In 2009, the European Commission forced Microsoft to promote alternative web browsers to Windows users, having previously bundled Internet Explorer, after an investigation into anti-competitive behaviour.

In 2012 Microsoft was fined €561m by the European Commission after a “technical error” meant the browser choice function was omitted from Windows 7.

Microsoft had previously been fined €497m in 2004, for anti-competitive behaviour that involved bundling Windows Media Player into the operating system, thereby restricting competition for rival media player software.

The complaint by Kaspersky Lab to the European Commission will test whether Microsoft is attempting to do the same with Windows Defender and whether Microsoft’s defence laid out by Lefferts will stand up to scrutiny by European competition authorities.

Meanwhile, Microsoft is attempting to reach out to officials at Kaspersky Lab to address the concerns before a hearing on the EU antitrust complaint, according to The Verge.

Read more on Hackers and cybercrime prevention