In Wake of Kaspersky Suit, Microsoft Explains Windows 10 Security Approach

In an apparent response to recent allegations made by security software vendor Kaspersky Lab, Microsoft on Tuesday detailed its approach to third-party anti-virus software, particularly in Windows 10.

According to a post by Rob Lefferts, Microsoft's partner director for the Windows and Devices Group for security and enterprise, the company works with "over 80 independent software vendors through the Microsoft Virus Initiative (MVI) program" to coordinate Windows 10 releases.

The announcement did not refer outright to Microsoft's legal spat with Kaspersky Lab, a maker of anti-malware software and a Microsoft partner. Kaspersky Lab recently filed antitrust complaints against Microsoft, alleging that Microsoft favors its Windows Defender solution over other anti-malware software products.

However, Lefferts' comment had some elements that seemed like a response to the Kaspersky Lab complaint. In particular, Lefferts suggested that Microsoft gives its security solution partners "months" to fix software before Windows 10 releases.

"Months before a semi-annual update is delivered to customers, interested parties can get easy access to fully running and deployable versions of the release, stay current with updates as the release progresses and becomes feature complete, and provide timely feedback on issues and bugs," Lefferts wrote.

One of the Kaspersky Lab complaints was that Microsoft gave its software partners just two weeks of testing time before a Windows 10 RTM (release to manufacturing) version was released. Lefferts, though, seemed to be suggesting that partners should be testing Windows Insider beta releases. In older pre-Windows 10 Microsoft lingo, an RTM was considered to be feature complete and just undergoing bug fixes. However, the RTM term is seldom heard these days, given Microsoft's new "agile" release approach with Windows 10.

The Windows 10 "Creators Update," released as a "current branch" in April for testing by organizations, was compatible with "roughly 95% of Windows 10 PCs," Lefferts indicated. He added that Microsoft had built a prompt into Windows 10 for those anti-malware solutions that weren't compatible. It directed users to download the latest anti-malware version.

As part of this process, Windows 10 will disable the installed partner-built anti-malware software.

"To do this, we first temporarily disabled some parts of the AV software when the update began," Lefferts explained. "We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating."

The disabling of anti-malware solutions was one of Kaspersky Lab's specific complaints about Microsoft's practices.

Lefferts denied that Windows Defender runs scans without user permission. Windows Defender turns on when installed anti-malware solutions have expired, he added.

Kaspersky Lab had complained about its ability to notify users when an anti-malware subscription was expiring, but Lefferts contended that Microsoft has taken a consistent approach.

"In the case of paid AV solutions, we worked with our AV partners to build a consistent set of notifications to inform customers if their license is about to expire and to present options to renew the license," Lefferts said.

He admitted that Microsoft Support does advise Windows 10 customers to uninstall anti-malware solutions and reinstall them to resolve some issues -- a practice that Kaspersky Lab had complained about.

In short, Microsoft apparently will argue that it must keep Windows 10 customers protected when anti-malware software isn't compatible with recent Windows 10 releases, and that it's acting with customer security in mind when it turns on Windows Defender. Kaspersky Lab likely will offer the familiar argument at the European Commission that Microsoft is using its Windows monopoly to compete unfairly in the software security market.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Microsoft Secure Score Hits General Availability

    Microsoft on Monday announced the general availability of the Microsoft Secure Score service within the Microsoft 365 Security Center portal.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Microsoft Teams Roadmap: Support for 1,000 Meeting Attendees, New Hardware

    Microsoft Teams is poised to receive a raft of new features in the coming months, many of them designed to make remote videoconferences feel more "natural."

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.