Microsoft has admitted interfering with third-party AV software running on Windows 10, but only if it is incompatible with the OS and needs updating.
The news came in a lengthy blog post by Rob Lefferts, partner director for the security and enterprise part of the Windows & Devices Group.
He revealed that following the Windows 10 Creators Update released on April 11, 95% of Windows PCs running third-party AV had a compatible application installed.
“For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed,” Lefferts explained.
“To do this, we first temporarily disabled some parts of the AV software when the update began. We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating.”
What’s more, Windows Defender doesn’t interfere with a user’s machine once a compatible AV app has been installed, he claimed.
“Microsoft’s own free, built-in Windows Defender Antivirus does not run periodic scans without explicit customer action or provide protection until the chosen third-party AV solution is no longer protecting the Windows 10 device due to expiration”. said Lefferts.
The Redmond security team has “worked closely with AV partners”, providing early builds of products for them to test as well as technical guidance, and regularly proposes new ideas on customer protection to the community of security partners, he added.
The blog could be seen as a response to accusations from Russian AV vendor Kaspersky Lab that it abuses its dominant position in the OS market to force its own AV on users.
Antitrust investigators are already probing the claims in Russia and Kaspersky Lab has filed lawsuits with the European Commission and German Federal Cartel Office.
A lengthy blog post published last November by CEO Eugene Kaspersky details the main points of contention, many of which Lafferts has now addressed.
“When you upgrade to Windows 10, Microsoft automatically and without any warning deactivates all ‘incompatible’ security software and in its place installs … you guessed it – its own Defender antivirus,” Kaspersky claimed.
“But what did it expect when independent developers were given all of one week before the release of the new version of the OS to make their software compatible? Even if software did manage to be compatible according to the initial check before the upgrade, weird things tended to happen and Defender would still take over.”
Kaspersky also claimed that Microsoft buries renewal notices for third-party AV, a point which Lafferts appeared to dispute.
“In the case of paid AV solutions, we worked with our AV partners to build a consistent set of notifications to inform customers if their license is about to expire and to present options to renew the license,” the Microsoft man said.
“Only when an AV subscription expires, and the AV application decides to stop providing protection to the customer, will Windows Defender Antivirus begin providing protection.”