Microsoft Cybersecurity Way Too Anti-Competitive, Says Kaspersky
By Shirley Siluk / CIO Today. Updated November 14, 2016.
In a lengthy rant posted on his company blog late last week, Eugene Kaspersky, founder of the Russia-based cybersecurity firm Kaspersky Labs, said Microsoft has been gradually making it harder for competing anti-virus programs to run on customer computers with Windows 10.
Kaspersky (pictured above) said his company is asking regulators in the European Union, Russia and elsewhere to "oblige Microsoft to cease its violation of anti-competitive legislation." Microsoft could do that by giving independent developers adequate time to ensure their software is compatible with updated versions of Windows, he said.
Microsoft should also inform its customers when a competing anti-virus product becomes incompatible with Windows and recommend that they install a compatible version, according to Kaspersky. He added that Microsoft should also always explicitly ask customers whether they would prefer to install its own anti-virus program, Windows Defender.
'I've Had Enough'
In a blog post Thursday titled "That's It. I've Had Enough!," Kaspersky noted that Microsoft "was once a security leader," but added that the company's approach has changed in recent years with the overhaul of its Windows platform.
"Ostensibly this was in the name of better ease of usage, security, performance and so on," Kaspersky said. "Behind the scenes what Microsoft was up to was elegantly seizing niche markets: squeezing independent developers out of them, taking their place, and offering users their own products, which in many cases were in no way better."
When it launched Windows 10 in July 2015, Microsoft said the operating system would be "the last Windows" because future updates would be rolled out over the cloud, rather than as separate and discrete versions that had to be downloaded by users. Consumers who upgraded to Windows 10 were required to agree to future updates that were automatic, ongoing and "without any additional notice."
Since then, Kaspersky said, "Users of Windows 10 have been complaining that the system is changing settings, uninstalling user-installed apps, and replacing them with standard Microsoft ones."
'Should Be Fighting Cybercriminals Together'
One piece of Microsoft software that became standard with the release of Windows 10 was its own Defender anti-virus program. Kaspersky said his complaint centered on the fact that Microsoft now limits the number of anti-virus programs that can exist on a PC to one . . . and that users aren't provided with adequate notice about alternative options.
"When you upgrade to Windows 10, Microsoft automatically and without any warning deactivates all 'incompatible' security software and in its place installs . . . you guessed it -- its own Defender antivirus," Kaspersky said. He added that if a user already had an alternative security program but didn't update its license in a timely manner, Microsoft again turned it off and turned on Defender.
Another problem is that tests by independent labs like MRG Effitas and AV-Test have found Windows Defender lacking in a number of ways, Kaspersky said. For example, it doesn't offer parental control, built-in VPN, Webcam protection, a password manager, backups or exploit protection.
By driving the market to increasingly rely on just one anti-virus program -- its own -- Microsoft is reducing the diversity of the open security ecosystem and making cybercriminal attacks more likely, according to Kaspersky.
"I hope that we can work together with Microsoft not only for the benefit of the independent development community, but also -- and more importantly -- for those who trust us to protect them in the evolving threat landscape, Kaspersky said. "Our companies need to be fighting cybercriminals together instead of fighting each other, and I have hope that this is still possible."