Kaspersky Lab has filed a complaint against Microsoft, alleging that the company blocks third-party antivirus software...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
on Windows 10 and forces its users to rely on Windows Defender. How can users tell if there is an antivirus block on their Windows system, and what can they do to fix this?
Modern antimalware software has a long history of providing protection to endpoints that an operating system doesn't provide. Some users and enterprises have been using the same antimalware software to protect their endpoints for over 20 years -- they have a very entrenched user base.
At one point, antimalware software tools used undocumented or poorly documented features of Windows because it was the only functionality available to integrate into the local system. Likewise, some of the functionality abused by malware is legitimately used by people every day without issue; but when a malicious actor runs code or an executable on an endpoint, the security of the endpoint can be compromised.
This is where antimalware software tools come in, as they can monitor for potentially malicious behavior or signatures that the operating system doesn't protect against. Having a separate security monitor gives an additional layer of protection to an endpoint that is separate from the operating system.
Initially, Microsoft didn't provide this protection, and a robust ecosystem, such as Kaspersky, McAfee or Symantec, was used to fill this gap to protect users. At times, even the antimalware software itself was attacked, which prompted Microsoft to improve some of the integration methods of antivirus software.
Starting in Windows 8.1 in 2013, Microsoft introduced functionality to protect antimalware software. As Microsoft has made changes to its operating system, independent antimalware vendors have updated their software to protect their customers and follow the Microsoft-defined integration requirements. Kaspersky pointed out how this could limit competition, and has pushed Microsoft to make changes to better work with independent antimalware software vendors.
Users can tell if their Windows system is causing an antivirus block by checking in the Windows Action Center security settings or by directly running the antimalware software console to see if Windows reports disabling the software. If Windows is blocking or disabling a user's preferred antimalware software, then he will need to ensure a recent version of the software is correctly installed, and that it integrates with the Windows guidance, including the use of Windows Action Center.
You may need to consult with your preferred antimalware vendor to determine if their software is supported on the most recent version of Windows. Likewise, Microsoft has a list of consumer antivirus software providers that may include your preferred vendor.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Microsoft Windows security
Related Q&A from Nick Lewis
The CIA Vault 7 cache exposed the Brutal Kangaroo USB malware, which can be spread to computers without an internet connection. Learn how this is ...continue reading
QakBot malware triggered hundreds of thousands of Microsoft Active Directory account lockouts. Discover the malware's target and how these attacks ...continue reading
A OneLogin data breach affected all of the company's U.S. customers after threat actors abused an Amazon Web Services API. Discover what this means ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.