Connect with us

Hi, what are you looking for?


Endpoint Security

Peace Breaks Out Between Microsoft and Kaspersky Lab

Microsoft Agrees to Kaspersky Lab’s Demands

Microsoft and Kaspersky are friends again, and the whole anti-virus ecosystem is at peace. 

Microsoft Agrees to Kaspersky Lab’s Demands

Microsoft and Kaspersky are friends again, and the whole anti-virus ecosystem is at peace. 

Back in November 2016, Eugene Kaspersky declared, “That’s It. I’ve Had Enough!” It wasn’t just words. “We’ve taken the decision to address official bodies in various countries (including the EU and Russia) with a request to oblige Microsoft to cease its violation of anti-competition legislation and to remove the consequences of that violation.” And he did just that, first in Russia and then in the EU.

Eugene Kaspersky, founder of Russia-based Kaspersky Lab, was not alone in his concerns. “Some time ago security companies started noticing that things were changing at Microsoft,” Luis Corrons, technical director at PandaLabs told SecurityWeek. “It looked like they were more concerned about their own antivirus market share, and were trying to push the competition out — not by being a best solution, but by taking advantage of being the developers of the operating system, and using any chance to tell the user to remove 3rd party security software and put theirs in its place.”

Morten Kjaersgaard, CEO at Heimdal, gives more context. It started with Windows 8 in 2011, when Microsoft indicated that it would try to extend its position with its own Windows Defender. In the event, says Kjaersgaard, “The first Defender was not much better than Security Essentials.” But battle lines had been drawn. The AV industry downplayed Windows Defender, and Microsoft promoted third-party products less forcefully. “Until recently,” he added, “Windows Defender had not posed a real threat to the antivirus industry — but with the Windows Defender continuously improving, it is now a bigger threat.”

As Defender improved, so Microsoft seemed less and less willing to work with its ‘competitors’. “We have to remember that antivirus is a multi-billion dollar business, both in the consumer and B2B space — and here Kaspersky took a stance to publicly call out a situation, which long term could cause an antitrust case for Microsoft, similar to Internet Explorer.”

That danger now seems to have been averted. “It’s very important for both sides that Microsoft and the specialist security companies work as closely together as possible,” comments ESET senior research fellow, David Harley; “especially as Windows 10 increases its market share, as presumably it will. A security monoculture isn’t in the best interests of the consumer.” This position is simple. If Windows Defender — or any other single product — dominates the market, attackers will have fewer defenses to beat while successful attacks will be more catastrophic. Diversity brings strength; monocultures bring weakness.

Advertisement. Scroll to continue reading.

This week, Microsoft’s Rob Lefferts blogged, that following discussions with its AV partners, Microsoft is “making updates to our AV partner requirements today that reflect the interests of the community and our shared customers. We will also implement changes in the Windows 10 Fall Creators Update.”

These changes cover the complaints made by Kaspersky. Microsoft will work more closely with third-parties over compatibility reviews; will increase “the amount of time AV partners will have to review final builds before the next Windows 10 feature update is rolled out to customers”; will allow the third-parties to display their own renewal notices; and will modify how users are told that their antivirus application has expired.

Kaspersky is the only third-party vendor specifically mentioned in this announcement. It is clearly a response to the legal threats in both Russia and the EU. “We appreciate the feedback and continued dialogue with our partners and are pleased to have found common ground with Kaspersky Lab on the complaints raised in Russia and Europe,” continues Lefferts. “We look forward to our continued partnership with the industry.”

Kaspersky is satisfied. In its own Kaspersky Lab blog published yesterday it states, “We are absolutely satisfied with the changes that will be implemented in the Windows 10 Fall Creators Update, and we will be taking all necessary steps to withdraw our claims and inform all regulatory bodies that we no longer have any matters for Microsoft to address.”

Peace has been restored. Whether it continues, remains to be seen (Microsoft will need to compete for share of a multi-billion market without resorting to any of the OS-specific trump cards that it undoubtedly holds). But there is one other issue worth considering. In parallel to Kaspersky’s complaints to the Russian and EU authorities about Microsoft’s practices, the US government has started to denounce Kaspersky over ‘security concerns’. Last month the US General Services Administration (GSA) announced that Kaspersky had been removed from its list of approved vendors, making it more difficult for government agencies to obtain Kaspersky products.

Was the timing coincidental? Is it an economic version of the political tit-for-tat that we have seen between America and Russia for decades? Or is it genuine security concerns?

Heimdal’s Kjaersgaard believes it is genuine if unfounded concern. “I believe that the US government is concerned that because Kaspersky, as an antivirus, has full access to a device, it could theoretically relay information from the device to Kaspersky, which another influential party in Kaspersky could use.

“I cannot say anything bad about Kaspersky at all,” he added; “but nor can I comment if the US government has this stance for a reason. However, concern over the software you have on your computer is legitimate with anything you install.”

Kaspersky is outraged at the US position. In its own statement, it says, ““Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts… Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back
up these false allegations. Kaspersky Lab, a private company, seems to be caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game.”

It will be interesting to see whether the new accord between Microsoft and Kaspersky will lead to a softening of attitudes from the US government.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

The Zero Day Dilemma

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...