Microsoft antivirus policy changes under Kaspersky pressure

Microsoft antivirus policy changes for Windows 10 Fall Creators Update in order to avoid further action in an antitrust case brought by Kaspersky.

Kaspersky has dropped an antitrust case against Microsoft after the operating system giant promised to change a contentious antivirus policy in future Windows updates.

Microsoft had been criticized because Windows antivirus policy had been to automatically disable third-party antivirus software in favor of Windows Defender if the antivirus software was not compatible with a Windows update.

Microsoft was warned in June by the Russian Federal Antimonopoly Service (FAS) that such practices were illegal after Kaspersky had filed a complaint. Kaspersky also filed antitrust complaints with the European Commission and the German Federal Cartel Office.

In response, Microsoft announced it would "evolve" its antivirus policy in the Windows 10 Fall Creators Update in order to give developers more time to make their software compatible.

Rob Lefferts, partner director for Windows Enterprise and Security at Microsoft, detailed the changes, saying Microsoft would work more closely with AV vendors, increase the time vendors have with new Windows 10 updates, and change how Windows notifies users of antivirus products expiring.

Andrei Mochola, vice president of consumer products for Kaspersky Lab, wrote in a blog post that Kaspersky is "absolutely satisfied" with the antivirus policy changes and "will be taking all necessary steps to withdraw our claims and inform all regulatory bodies that we no longer have any matters for Microsoft to address."

Experts applaud Microsoft's antivirus policy changes

Rob Sobers, director of inbound marketing at Varonis, said Microsoft likely learned its lessons from past antitrust cases surrounding Internet Explorer.

"With so many vendors offering AV protection, the reality is that companies and consumers are choosing the AV products that fit their needs and are not defaulting to products from Microsoft," Sobers told SearchSecurity. "By making this decision, Microsoft is acknowledging the widespread adoption of third-party AV solutions and ultimately doing what's best for their customers."

Gabriel Gumbs, vice president of product strategy at STEALTHbits Technologies, the data security company based in Hawthorne, N.J., said Microsoft's original antivirus policy wouldn't have held up over the long term anyway.

"The impact is a positive one for enterprises, however, it is far more important for Microsoft," Gumbs told SearchSecurity. "If enterprises do not have confidence that they could upgrade because their end-point protection software could possibly not be effective, that would have a direct impact on Microsoft's revenue."

Mike Shultz, CEO of Cybernance, the cyber risk governance company based in Austin, Texas, said Microsoft would have been foolish to fight in this case.

"Microsoft holds fairly substantial risk, particularly in the EU around anti-competitive measures, and they don’t need this fight right now -- one that they would likely lose. It's better to compromise and live to fight another day," Shultz told SearchSecurity. "The implied positive relationship between Microsoft and the third-party providers can only be good for the enterprise user. The more capability and compatibility that is provided to the enterprise, the better for all."

Next Steps

Learn why Windows 10 Fall Creators update falls short for IT.

Find out how legacy apps are causing roadblocks to Windows 10 enterprise adoption.

Get a closer look at Kaspersky antimalware protection services. 

Dig Deeper on Application and platform security