Maksim Kabakou - Fotolia

Microsoft accused of blocking independent antivirus competition

News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more.

Antivirus software company Kaspersky Lab filed antitrust complaints against Microsoft with the European Commission and the German Federal Cartel Office this week.

After filing a similar complaint to Russia's Federal Antimonopoly Service in 2016, Kaspersky has renewed its stance against Microsoft's automatic implementation of Windows Defender on its operating systems and its alleged ousting of independent antivirus software. In a statement released on June 6, Kaspersky's founder, chairman and CEO, Eugene Kaspersky, detailed the issues he and his company have with Microsoft.

"We see clearly -- and are ready to prove -- that Microsoft uses its dominant position in the computer operating system (OS) market to fiercely promote its own -- inferior -- security software (Windows Defender) at the expense of users' previously self-chosen security solution," Kaspersky wrote. "Such promotion is conducted using questionable methods, and we want to bring these methods to the attention of the anti-competition authorities."

Microsoft, however, disputed the allegations. "Microsoft's primary objective is to keep customers protected, and we are confident that the security features of Windows 10 comply with competition laws," a Microsoft spokesperson said in a statement. "We're always interested in feedback from other companies, and we engage deeply with antimalware vendors and have taken a number of steps to address their feedback. We reached out directly to Kaspersky a number of months ago offering to meet directly at an executive level to better understand their concerns, but that meeting has not yet taken place."

Kaspersky alleges that Microsoft uses "underhanded" techniques to steer its users away from using independent antivirus software and essentially forces its users to stick with Windows Defender, which comes hardwired into all versions of Windows 10.

The statement from Kaspersky noted that there is no way to disable or uninstall Windows Defender, and when Kaspersky or any other independent antivirus software is loaded onto a Windows machine, it gets labeled as unsecure, which can prompt users to avoid using it.

On top of that, users who update Windows 10 receive minimal notification that Kaspersky antivirus is not compatible with the new version, and the software is automatically removed from the system. The compatibility issues stem from a new policy speeding up the release process and giving independent antivirus developers less time to create a compatible version of their software, according to Kaspersky.

"We want Microsoft to stop misleading and misinforming our -- and not only our -- users," Kaspersky said. "We want to see all security solutions being able to work on the Windows platform on a level playing field. And we want to see users being able to decide for themselves what they want and consider important to them ... And remember: The only folks who gain unequivocally if there is a monopoly in the security products market are cybercriminals. They'd love nothing more than to be able to concentrate on trying to outsmart the single security solution of a monopolist."

In other news:

  • In an interview with ZDNet this week, OneLogin CISO Alvaro Hoyos provided further details about the data breach the company disclosed one week prior. OneLogin, a password and identity management company, revealed earlier this month that attackers were able to access U.S. customer information, though the initial statement didn't explain how. Hoyos didn't disclose the full details of the breach yet, but he did provide further insight into how the attackers were able to access the data. He confirmed that both encrypted and unencrypted data was stolen and would say only that, "The way [the attackers] gained access to our network was through this authorized [Amazon Web Services] key." The AWS cloud instance with the key information was accessed through an unnamed third party. Hoyos said, "That's a key piece of the puzzle of how this attack was orchestrated and launched," and wouldn't name the company, since it's part of an ongoing investigation into the breach.
  • A new report from researchers at ESET showed a Russian-speaking hacking group is leveraging pop star Britney Spears's official Instagram account to conceal and spread malware. According to the report, a backdoor Trojan used comments posted to the singer's Instagram account to locate the command-and-control server that sends instructions and offloads stolen data from vulnerable systems. This makes the malware tougher to detect, according to ESET researchers, since the servers are never directly referenced in the malware or the comment. The group behind this malware-spreading technique is known as Turla and has been implicated for previous malware strains, such as Wipbot in 2014 and a Windows zero-day vulnerability that infiltrated government and military systems in Europe in March 2017.
  • A researcher with SEC Consult Vulnerability Lab discovered that certain WiMAX routers are vulnerable to an authentication bypass that could give attackers access to the device and the network it's on and change administrator passwords. The routers, manufactured by a handful of different companies, including Huawei and ZyXEL, were found to have this vulnerability in August 2016, but the researcher Stefan Viehböck and the CERT Coordination Center at the Software Engineering Institute at Carnegie Mellon University only disclosed it this week. The vulnerability was given a CVSS score of 10.0, and Viehböck warned the affected routers should be decommissioned, as there currently is no other fix available.

Next Steps

Read about other issues security software vendors have had with Microsoft

Learn more about antitrust complaints targeting Microsoft in the European Union

Discover the effects independent antivirus software can have on security issues

Dig Deeper on Security operations and management

Enterprise Desktop
Cloud Computing