Microsoft temporarily disables anti-virus software for Windows 10 to keep users safe
The recent worldwide cyberattack by the WannaCry ransomware cryptoworm targeted computers running the Microsoft Windows operating system around the world, making it the biggest unprecedented ransomware attack in cyber history and computer security a bigger concern. Following the attack, Microsoft had urged its unaffected users to update their systems with the patches released for Windows, latest antivirus and anti-virus malware. It also explained its stance of how Windows 10 handles third-party AV programs.
In a recent announcement, Microsoft has admitted that Windows 10 will sometimes shut down third-party anti-virus software after the OS is updated, albeit temporarily.
The announcement made by Microsoft comes after Eugene Kaspersky, founder of Kaspersky Lab, filed an antitrust complaint with the European Commission (EC), which accuses Microsoft of disabling third party anti-virus software in Windows 10 without the consent of users to favor the in-built Windows Defender. It raised questions over Microsoft’s potential abuse of its place in the market “to fiercely promote its own – inferior – security software at the expense of users’ previously self-chosen security solution”.
A similar complaint was filed by Kaspersky with Russia’s Federal Antimonopoly Service (FAS) over the same issues last year, which alleges that the Defender security software bundled with Windows 10 squashes third-party antivirus products. Among the list of grievances Kaspersky outlined is that Windows 10 takes every opportunity it can to disable third-party AV programs.
Rob Lefferts, Microsoft’s partner director for the Windows and Devices Group for security and enterprise, in a general blog post that does not directly address Kaspersky or its claims, says that it bundles the Windows Defender Antivirus with Windows 10 to ensure that every single device is protected from viruses and malware. He said that five percent of all Windows 10 PCs had antivirus protection that was NOT compatible with the Windows 10 Creators Update.
He writes that “Microsoft’s application compatibility teams found that roughly 95 per cent of Windows 10 PCs had an antivirus application installed that was already compatible with Windows 10 Creators Update.
“For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed. To do this, we first temporarily disabled some parts of the AV software when the update began.”
The blog post also explains its partnership with third-party AV makers and how they are working together to protect Windows 10 customers. Lefferts claims Windows Defender does “not run periodic scans without explicit customer action or provide protection until the chosen third-party AV solution is no longer protecting the Windows 10 device due to expiration.”
Lefferts also stressed on Microsoft’s belief in “always-on” protection, and said that Windows Defender is designed to only kick in when the third-party antivirus software is incompatible, out of date, or expired. “If AV software is protecting our customers, Windows Defender Antivirus will stay off,” he noted. “If a customer does allow an antivirus application to expire, Windows Defender Antivirus is automatically turned on so that they are not left unprotected.”
“In the case of paid AV solutions, we worked with our AV partners to build a consistent set of notifications to inform customers if their licence is about to expire and to present options to renew the licence,” Lefferts said. “Only when an AV subscription expires, and the AV application decides to stop providing protection to the customer, will Windows Defender Antivirus begin providing protection.”
The blog post also claims that Microsoft has not violated any laws.
“Microsoft’s primary objective is to keep customers protected. We are confident that the security features of Windows 10 comply with competition laws. And we will answer any questions regulators may have.”