Last fall, in our domestic market we turned to the Federal Antimonopoly Service with a complaint against Microsoft regarding its anti-trust legislation violations.

Despite the long silence on the airwaves, the matter was in fact slowly but surely being addressed. And don’t pay any attention to inaccurate reports about not filing similar claims with the EU Commission: that was off the back of an interview I gave in Germany in which it looks like a fact or two went astray – perhaps lost in translation. We are definitely not planning on ‘temporarily backing off’ filing our competition complaint with the EU Commission.

And anyway, instead of reading reports it’s always better hearing it from the horse’s mouth, as they say… So here I am with real news and confirmed details and plans that I can share at the moment compromising neither ethical nor legal norms.

Ok. Let’s begin…

Microsoft took a two-pronged approach: (i) formal denials; (ii) specific practical steps to address the antitrust demands

First off, as was expected, Microsoft disagrees with our claims. ‘We did not create conditions…’, ‘we have not infringed…’, and even: ‘we do not dominate…’ But facts are stubborn things, and despite the formal denials, Microsoft has, in fact, taken a few crucial steps toward rectifying the situation. And it looks like our actions might have helped encourage Microsoft to do so. Of course, there’s still more that needs to be done, but this is at least a good start toward ensuring that consumers have the chance to choose the best cybersecurity solution for them specifically.

It appears Microsoft took a two-pronged approach: (i) formal denials (which is logical); and (ii) specific (although small) practical steps to meet both users and independent software developers half-way.

I’ll leave out the formal denials here, but in this post I want to tell you a bit about those ‘practical steps’ that were recently taken by Microsoft. Let’s have a look at three notable examples thereof:

Example No. 1: The Alarming Windows Defender PC Status Page.

One of the claims we made against Microsoft regarded the misleading Windows Defender PC status page, pictured below:

The good news is that Microsoft has changed the previously displayed status page in a recent update, addressing several of the confusing and misleading elements we described.

So, what was the original status page for and what were our objections?

There aren’t any problems with PC protection. It’s just that Microsoft wants the user to activate Defender

This status page was how the operating system ostensibly informed the user about ‘PC [security] status’, though in actual fact it only informed the user about the status of Microsoft’s Windows Defender antivirus program. It is clear that the status window’s main purpose was to raise concerns on the part of users and to try and get them to switch from their current AV choice to Windows Defender. Moreover, the page didn’t only suggest, it directed the user to: ‘Uninstall your existing AV program to turn on Windows Defender’. The amber-colored alert, exclamation point and wording, could easily confuse and mislead users to thinking they needed to uninstall their current AV of choice and turn on Windows Defender to ensure their PC is protected.

Below are three additional images from the status page that demonstrate how the OS previously tried to get users to switch through alarming images and text.

So what does this pictogram (with the large exclamation mark), which personifies ‘PC status’ actually tell us? ‘Houston, we have a problem’, is what. The thing is, as mentioned, there aren’t any problems; it’s just that Microsoft wants the user to activate Defender – citing no sensible reasons for doing so.

Then there’s this line:

Again – exclamation mark and amber ‘warning’ color indicating something’s up, something needs sorting – and quickly. After all, this is the status page whose only job is telling us about the security status of the PC.

And last – the biggie:

Yep, it’s big; and amber. It’s screaming ‘click me!’ Yes, the user will think: ‘might as well press this button. It’s Microsoft after all doing the persuading here, and I trust Microsoft. Some extra protection – why not?’ Actually, and sorry to be repeating myself, nothing needs ‘Turning On’…at all. It’s just that Microsoft would very much like for you to ‘Turn On’ its AV.

Anyway, here I return to the point I introduced way up above about Microsoft taking a few practical steps in the right direction…

As of April of this year (i.e., with the RS2 update of Windows 10), if there’s a third party AV present, the status page now looks like this:

As they say, vive la difference!

Example No. 2: You – Quiet; I’ve Got This.

An additional issue Microsoft appears to have fixed includes allowing independent AV developers to warn users that their subscription is about to expire. As you probably know, licensed AV products are based on subscription services (1/2/3… years). Throughout the duration of the subscription, the user gets technical support, new technologies, new versions, updates, extra utilities, discounts, offers and more – depending on the vendor. When a subscription is due to expire, the user needs to extend it if they want the protection to stay, and AV vendors reasonably provide reminders about this.

But Microsoft was prohibiting independent AV developers from having their programs show warnings about the expiry of licenses – specifically five days before expiry and three days after. Instead, they offered Windows’ system warnings – in the Windows Security Center. This type of policy led to a significant reduction in numbers of license extensions, and at the same time a rise in the market share of Defender. This is because when your third-party AV did expire, Microsoft quietly… turned on Defender – without even asking you. That may be surprising; what is less surprising was the furor it caused among independent AV developers.

Thankfully, not long after we submitted our complaint regarding signs of violations of the antitrust legislation, the prohibition of notifications less than five days before an AV’s expiry were removed!

Example No. 3: Luke, I Am Your Father.

Microsoft was planning to introduce another limitation for independent AV developers on Windows – it was considering permitting only one AV to be active on a system (or two – but only if the second one… was Defender!). The good news is that Microsoft ditched this proposed feature. And as to why that limitation would have been a disaster, here’s a brief explanation:

At first glance it looks like sense: all for a more comfortable user experience. But the devil’s in the details…

When the trial period is up: out with two non-Microsoft products, and in with one Microsoft product

Let’s say you have an independent AV installed on your PC. You intentionally – or not (e.g., with bundled software) – install a trial version of a different AV, but forget to either delete it or purchase a license for it. When the trial period is up, Windows – you guessed it – turns on Defender. So, it’s out with two non-Microsoft products, and in with one Microsoft product, in no way whatsoever for a more comfortable – or safer – user experience.

The Right Direction.

I don’t know for sure the precise reasons these changes made by Microsoft have occurred.

It can’t be ruled out that Microsoft has been analyzing the situation and is changing a few things independently from our claims; however, this is not the first instance of conflict the company has experienced with independent developers. Analysis of the history of such conflicts hints at dismal prospects for Microsoft – in fact big risks and reputational damage. It’s possible that both user and independent developer dissatisfaction (not only that of the security industry) played a role. And it’s possible our efforts made a difference. Regardless, the path now being taken by Microsoft appears to be moving it in the right direction.

But we’re not stopping there, and will continue to insist on healthy – I repeat: healthy – competition, amid which all market participants have equal opportunities. Only then will users be able to choose and use the high-quality products they want, instead of having to make do with what their OS quietly and/or unfairly chooses for them. Only then will users be able to effectively protect what matters most to them from cyberthreats.

The malicious members of the computer underground would love to have to deal with just one single AV installed everywhere. So monopolization in cybersecurity may be even more potentially damaging

Monopolization in any field leads to stagnation and degradation, and gives the green light to manipulations and behind-the-scenes rigging – and none of it in the interests of the consumer. But in cybersecurity monopolization is even more potentially damaging since it could disable tens of millions of computers around the world and even threaten critical infrastructure: the malicious members of the computer underground would love to have to deal with just one single AV installed everywhere.

What’s Next?

It’s been more than six months since we filed antitrust claims against Microsoft. So far things are going ok, and there’s hope we can find a reasonable solution to the matter with Microsoft.

It’s clear that Microsoft will defend itself fiercely and deny abuse of its dominating position. But on the other hand, the above three examples show that, quite possibly, Microsoft understands why it’s necessary for these changes, and has an action plan and is following it. It gives us hope that more than a dozen other issues presented to the antitrust bodies will also be resolved.

What’s the next step?

We remain open to discussing these issues in detail with Microsoft to try to find effective resolutions as quickly as possible. There’ll also surely be more FAS meetings as many details still need clarifying. Meanwhile, we’re still planning to file a complaint with the European Commission in the near future, about which I’ll provide more details a bit later.

Finally, we hope you’ll understand why we had to take a stand regarding these critically important issues: to fight for your right to choose exactly what solution you want to protect your digital lives.

Microsoft denies antitrust charges, but quietly addresses demands from independent AV vendors. @e_kaspersky gives details: Tweet