Kaspersky founder calls out Microsoft for AV shenanigans

Cybersecurity expert Eugene Kaspersky, founder of the antivirus company that bears his name, called out Microsoft for disabling third-party antivirus programs during the Windows 10 upgrade process.

In a long-winded blog post that rambles and takes 300 words to get to the point, he criticizes Microsoft’s walled garden approach to Windows 10, something MacOS has done forever, but then he gets to the main point: Windows 10 does everything it can to disable third-party AV programs and use only Microsoft’s products.

“When you upgrade to Windows 10, Microsoft automatically and without any warning deactivates all ‘incompatible’ security software and in its place installs… you guessed it—its own Defender antivirus. But what did it expect when independent developers were given all of one week before the release of the new version of the OS to make their software compatible?” he writes.

“Even if software did manage to be compatible according to the initial check before the upgrade, weird things tended to happen and Defender would still take over,” he adds. He points out that even when users already have a compatible AV program installed, a pop-up window notifying the user that Windows Defender is turned off and asks them to turn it back on.

“In fact, pressing the big juicy button will also deactivate your existing AV. But a user only gets to find this out from a tiny text in a pop-up window (and you need to know how to get that window to pop-up),” Kaspersky writes.

It doesn’t stop there. Kaspersky notes Microsoft has also limited the possibility of independent developers to warn users about their licenses expiring in the first three days after the license expires. There is an actual warning, but it’s buried in a Windows Security Center notification, which hardly anyone reads.

This is important because the three days immediately following an AV license expiration is usually when most people renew their license. After all, who is going to wait a week to renew an AV software license? But if the license is not renewed and deactivated, Defender gets turned back on.

Finally, he notes that Microsoft limits the number of AV programs that can be running on Windows 10, but exempts Defender from that limit.

“Let’s say you’ve an independent AV. You intentionally—or not (e.g., with bundled software)—install a trial version of a different AV, but forget to delete it or purchase a license for it. When the trial period is up, Windows quietly turns off both AVs, and—you guessed it—turns on Defender! So, it’s out with two non-Microsoft products, and in with one Microsoft product, in no way whatsoever for a more comfortable—or safer—user experience,” Kaspersky writes.

He’s a bit harsh on Defender, which is not exactly a top-level AV program. Kaspersky notes that testing labs rank Defender as “below average” at detection and “noticeably lags behind” in terms of features, like parental controls, a built-in VPN, webcam protection, a password manager, exploit protection, and other elements.

“Microsoft is acting against the interests of users since a lot of its products are of inferior quality,” Kaspersky says.

Kaspersky accuses Microsoft of having nefarious motives for pushing Defender. He accuses Microsoft of being afraid investors will get antsy after multiple failed efforts (MSAV, OneCare, Security Essentials, ForeFront) and they will ask where has all the money gone.

“So Microsoft, in its desperation, decides it needs to get to the top of AV-Everest—AVerest—by any means necessary, including with alarming pop-up windows. In doing so, users get protection markedly below the industry standard. Great job, Microsoft,” Kaspersky writes.

That’s pushing it. Microsoft has wasted far more money on far bigger boondoggles, like Nokia and aQuantive, and there was no investor blowback. I doubt the modest investment in AV products will upset many investors.

Microsoft declined to comment on Kaspersky’s accusations.

Via: Computer World