For one, because they come preinstalled. I bought a normal Windows laptop for a relative recently, it came with a 30 day trial of McAfee (I think) pre-installed. Once you install any anti-virus, the MS one is automatically disabled, so new users are given the impression that they need to fork out for a subscription once the 30 days is up, or lose virus protection.
Even more, Microsoft and the OEMs don't really go out of their way to explain this choice to customers. I work with a senior software engineer who recently came to me for help with his new PC after having purchased the full version of the included anti-virus software. He seemed surprised when I asked why he wouldn't just stick with the built in software from Microsoft. So I sent him a link from Microsoft's site explaining about Windows Firewall and Defender. He later told me he felt stupid for having been convinced that he had to purchase the full version of what came on the system or else he would be unprotected. I think it is Microsoft who is stupid for not pushing this message harder, especially in light of the recent developments such as this one. In some of these cases, we're seeing that by installing a third-party anti-virus suite, you're actually reducing the security of your system. I think Microsoft should be concerned that these companies are actually hurting their reputation further.
Microsoft certainly seems to be trying to combat the OEMs on this front, in so much as they can without angering their third-party partners or bulldozing the PC desktop/laptop markets.
Those of us with technical inclination need to be sure to point our family and friends with less technical inclinations to the Microsoft Stores and "Signature Edition" [1] PCs, Microsoft's latest marketing term for unbloated Windows installs out of the box. Some of our friends and families may feel they have a special relationship with an existing OEM, so give them the "Signature Edition" website and have them at least bug their OEM to ship them one.
I assume Microsoft couldn't push their own solution because of the anti-trust restrictions. Now that those have expired, perhaps they could unless they're afraid they'll get lawsuits against them again.
Is the PC & OS market still as MS-centric as it was back then? I know they still own the majority of the desktop, but with OS X out there, and more fragmentation to mobile, it feels like it would be much much harder to build an anti-trust case against Microsoft.
Globally, yes. I think parent was talking about the US market where OS X is slightly more prominent and according to StatatsCounter surpasses the market share of Windows XP and Windows 10 combined. Microsoft still controls 3/4 of the desktop market according to these stats, but that would probably not qualify as monopoly anymore.
That's really good advice but also hard to do because most OEMs stopped providing a reinstall option which doesn't reinstall their bundled software as well.
Here's the ArsTechnica guide for doing a clean install of Windows 8.1 – imagine walking the average home user through this process, even before you factor in discouragements such as the likelihood of tech support blaming any problem more subtle than catching fire on your reinstall:
This, in a nutshell, is a major source of Apple selling so many iOS devices – I regularly hear people say that it's easier to have a good, secure computing experience that way and they're not wrong.
OEMs figured out that they could build a custom recovery image with the bloatware included (including on Windows 8). Windows 10 supposedly lets you delete the package that includes the bloatware, but I haven't tried it.
Windows 8 and 10 also have a lovely feature called the Windows Platform Binary Table. This allows OEMs to write an application into the UEFI, and Windows will automatically deploy to memory and run it with admin privileges each time it boots. The intended use was for installing drivers and anti-theft agents, but of course it was immediately used to drop bloatware/malware. This vector works even on entirely fresh installs, and there is no mitigation except obtaining a clean, signed UEFI image.
Microsoft has strategic reason not to suffocate the other AVs completely. It's better to have multiple companies attack viruses on multiple fronts. If McAfee and ilk went away completely the onus would lie entirely on Microsoft.
Laptop manufacturers are also to blame because product bundling and bloatware are nothing new.
Microsoft on their part could make it so that Defender worked alongside McAfee but that might encourage users to buy McAfee even more, arguably (double the protection or not knowing they are already protected).
Lenovo are particularly egregious. They collect data from Conduit via their toolbar add on (Conduit is one of the worst malware makers out there - they are owned by Perion/CodeFuel). Lenovo refuse to disclose they do this, in fact I have support emails denying they do.
It's an utter racket.