After coming under antitrust fire from Kaspersky in the wake of the WannaCry ransomware, Microsoft has attempted to clear the air by talking about its work on safety and security – namely Windows Defender – and working with third-party antivirus providers. Kaspersky had filed a complaint with the EU claiming Microsoft was using its dominance to promote its own offering, and creating obstacles for everyone else, including disabling their products and not providing enough time to maintain support.
In a lengthy blog post, Rob Lefferts, Microsoft’s director of program management for Windows enterprise and security, stayed away from mentioning Kaspersky directly, while stressing on support and choice. He noted that they provide early builds through the Windows Insider Program to ensure antivirus software are compatible before an upcoming release.
“We’ve worked closely with AV partners to identify changes, provide early builds through the Windows Insider Program and other testing environments, and provide technical guidance through our Microsoft Virus Initiative (MVI) program,” Lefferts said. “This cadence of regular updates, along with the Windows Insider Program, affords our partners and customers much greater transparency and insight into the Windows development process than ever before.”
“Also, because AV software can be deeply entwined within the operating system, we doubled down on our efforts to help AV vendors be compatible with the latest updates,” he added. Lefferts noted that about 95 percent of Windows 10 machines had compatible antivirus protection with the recent Windows 10 Creators Update, and so they built a feature for the remaining ones.
“For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed,” he said. “To do this, we first temporarily disabled some parts of the AV software when the update began. We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating.”
Lefferts also emphasised Microsoft’s belief in “always-on” protection, and said that Windows Defender doesn’t come into action unless the third-party antivirus software is incompatible, out of date, or expired. “If AV software is protecting our customers, Windows Defender Antivirus will stay off,” he noted. “If a customer does allow an antivirus application to expire, Windows Defender Antivirus is automatically turned on so that they are not left unprotected.”
“In the case of paid AV solutions, we worked with our AV partners to build a consistent set of notifications to inform customers if their licence is about to expire and to present options to renew the licence,” Lefferts said. “Only when an AV subscription expires, and the AV application decides to stop providing protection to the customer, will Windows Defender Antivirus begin providing protection.”
Though Microsoft has now laid out its defence in full, it remains to be seen how the European Commission will reflect on the Kaspersky complaint. In the past, the EU has tried to make an example out of American tech giants, as evinced by its tax ruling against Apple in Ireland.