NortonLifeLock and Avast $8.6b deal gets provisional yes from UK regulator

Plus: Even market authorities can't seem to keep up with Microsoft's Defender branding

The UK's Competition and Markets Authority has given a provisional nod to the proposed merger of British cybersecurity company Avast and US rival NortonLifeLock.

Action by Britain's market regulators has international ramifications; the CMA's interventions in the Arm-Nvidia deal were partly responsible for the cancellation of the $66 billion sale of the British chip designer to Nvidia. And it has held up Facebook's purchase of Giphy.

As for the antivirus vendor pact, the $8.6 billion merger was announced in August 2021 and, after a gentle probe, the Competition and Markets Authority (CMA) decided that a closer look was needed in March 2022. That closer look (referred to as a Phase 2 investigation) is pretty much done and dusted and the CMA has provisionally decided that the deal doesn't raise competition concerns in the UK.

This is due to existing players, including the duo's main rival in the UK, McAfee, and Microsoft's bundling of its own security applications into Windows.

Microsoft has adopted somewhat of a scattergun approach to cybersecurity in its flagship operating system; what is built into Windows is known as Windows Security (formerly known as Windows Defender Security Center) and includes Microsoft Defender Antivirus. This is not to be confused with Microsoft Defender, which is a cross-device app "that helps people and families stay safer online" and requires a Microsoft 365 Personal or Family Subscription.

Windows Security is designed to keep Windows PCs secure unless an alternative antivirus product has been installed, such as the wares of Norton or McAfee.

The confusion seems to have spread to the CMA, which noted that "Microsoft Defender is not sold as a separate product" in its report while Microsoft states in its FAQs "Microsoft Defender is a part of the Microsoft 365 subscription."

The CMA did, however, note the arrival of Microsoft Defender for Individuals in June, which it said does indeed need that Microsoft 365 subscription.

Keeping up with Microsoft's branding gymnastics can be difficult. Microsoft Defender, being part of Microsoft 365, can't be purchased as a stand-alone product.

The CMA did say that user numbers taking advantage of Microsoft's solution are "both very high and growing very fast" but were not included in the analysis due to its inclusion in Windows.

As for Norton and its ilk, the CMA found that an important method of customer acquisition was via contracts with hardware manufacturers to have the software pre-installed on new devices in the hope of snagging customers once a free offer had expired. Retention rates once a customer had signed up were put at 80 to 90 percent. The CMA has already administered a rap on the knuckles to cyber security companies over unfair practices around renewals.

Kirstin Baker, chair of the CMA inquiry group, said: "After gathering further information from the companies involved and other industry players, we are currently satisfied that this deal won't worsen the options available to consumers. As such, we have provisionally concluded that the deal can go ahead."

Interested partners have until August 24 to respond to the provisional findings before the CMA issues its final report on September 8. ®

Send us news

Microsoft China turns 30, gives nation the gift of jobs and export promotion

Including assistance for the kind of companies the US is keen to contain

What's Microsoft been up to? A quick tour of Windows 11 22H2's security features

And some requirements to be aware of

Microsoft says it's boosted phishing protection in Windows 11 22H2

Security tool warns admins, users when a password is used on an untrusted site or stored locally

Stop us if you've heard this one before: Exchange Server zero-days actively exploited

Remember this next time Microsoft talks about how seriously it takes security

Microsoft to kill off old access rules in Exchange Online

Awoooogah – this is your one-year warning to switch over, enterprises

Microsoft: Watch out for password spray attacks – especially you, Basic Auth

Exchange Online users should have authentication policies in place

Microsoft highlights 'productivity paranoia' in remote work research

You know you're working, your colleagues know you're working, but the boss? Survey says: Paranoid

Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws

While issuing an emergency patch for Endpoint Configuration Manager

Mozilla drags Microsoft, Google, Apple for obliterating any form of browser choice

If you've got no OS of your own, you've got little chance to compete, Firefox maker sighs

Upcoming Outlook for Windows app opens to more testers

Office Insider? You might want to check refreshed email client

Microsoft debuts Windows 11 2022 Update – now with features added monthly

Oh. Joy.

Atlassian, Microsoft bugs on CISA’s must-patch list after exploitation spree

Some days, security just feels like a total illusion. OK, most days...