Home » Blog » Is Kaspersky Still Safe to Use in 2026? US Ban Explained

We review products independently, but we may earn commissions if you make a purchase using affiliate links on our website. Also note that we are not antivirus software; we only provide information about some products.

Is Kaspersky Still Safe to Use in 2026? US Ban Explained

Last Updated: May 15, 2026. This guide was prepared against current 2026 lab data, vendor documentation, and security advisories.
Updated
0
Harry Brown
Kaspersky 2026 US ban explainer cover showing legal restriction, update cutoff, lab scores, and alternatives

The short answer

If you are in the United States: stop using Kaspersky. Not because the software is spying on you — there has never been public technical evidence of that — but because the U.S. Commerce Department's BIS Final Determination cut off signature updates to U.S. customers on September 29, 2024. Without daily threat-database refreshes, the detection rate against new malware decays a little every week. Migrate to Microsoft Defender (free, built-in on Windows 11) or Bitdefender Total Security as the closest like-for-like substitute.

If you are outside the United States: Kaspersky is still legally sold and fully updated in the EU, UK, most of Asia, Latin America, and Africa. AV-TEST February 2026 gave Kaspersky Premium a perfect 18/18 score. AV-Comparatives named it Top-Rated 2025 alongside Avast, AVG, Bitdefender, ESET, G Data, and Norton. The technical capability of the engine has not changed. The only question worth thinking about is the jurisdictional one: are you comfortable running security software from a company headquartered in Moscow that is subject to Russian law? That is not a question we answer for you.

The bottom line: Kaspersky's technical performance in 2026 is excellent. Its commercial availability is fractured by geography. We do not give legal advice — consult Kaspersky's current availability page for your country before making a decision.

What the US ban actually says

The U.S. Department of Commerce's Bureau of Industry and Security (BIS) issued the Final Determination on June 20, 2024. The full document and BIS guidance are public. The relevant pieces, in plain language:

Sales prohibition. Kaspersky Lab, Inc. and affiliated entities are prohibited from providing antivirus or cybersecurity software, products, and services to U.S. customers — including individuals, businesses, and government agencies — as of July 20, 2024 for new sales and September 29, 2024 for ongoing service.

Update prohibition. Kaspersky is prohibited from delivering signature updates, code-base updates, or any form of cybersecurity refresh to U.S.-based installations after September 29, 2024. BIS also says Kaspersky is prohibited from operating the Kaspersky Security Network (KSN) in the United States or on any U.S. person's IT system after that cutoff.

Re-seller prohibition. Resellers, integrators, and distribution channels were given the same windows to wind down U.S. activities.

What it is not. The Final Determination does not criminalize having a Kaspersky installation on a personal device. It restricts the company from supplying software and services to the U.S. market. Existing copies are not contraband. They simply stop getting updated.

BIS framed the action under the Information and Communications Technology and Services (ICTS) authority added in 2019, citing "unacceptable risk to U.S. national security." We come back to what that means in the timeline section below.

What "no updates" actually means technically

This is the section that almost no other write-up covers properly, so it is worth a careful read if you still have Kaspersky on a US machine.

A modern antivirus runs three layers at once. The static signature engine matches files against a database of known-bad fingerprints. The heuristic engine looks for behavior patterns associated with malware families. The cloud lookup queries the vendor's live threat-intelligence service for things the local engines have not seen before.

Cutting off updates does not turn the product off. The signature engine continues to detect everything it already knew about as of September 29, 2024. The heuristic engine continues to function — it does not depend on daily refreshes the same way signatures do. The cloud lookup is what stops working as a supported protection layer for US installations, because BIS prohibits Kaspersky from operating KSN in the United States or on a U.S. person's IT system after the cutoff.

Practically: a US Kaspersky install in May 2026 is running with roughly 19 months of signature decay. New malware samples, variants, phishing URLs, and indicators of compromise that emerged after September 2024 are no longer reflected in the frozen U.S. install's normal update stream. The heuristic engine will still flag many of them based on behavior, but heuristic alone is significantly noisier and significantly less reliable than the signature + heuristic + cloud stack the product was designed to run.

The fair description is: a frozen-signature Kaspersky in 2026 is meaningfully worse than a current Kaspersky in 2024, and worse than any current free product (Microsoft Defender, Avast Free, AVG Free) which still receives daily updates. It is not catastrophically broken. It is degraded.

Why the ban — the timeline most articles skip

The 2024 BIS decision was the end of a seven-year process, not a sudden move. Here is the chronology:

September 2017 — DHS issues Binding Operational Directive (BOD) 17-01, requiring federal civilian agencies to identify and remove Kaspersky products from federal systems within 90 days. The directive cites "the security risks presented by the use of Kaspersky products on federal information systems."

September 2017 — Best Buy removes Kaspersky products from retail shelves. Office Depot follows. The consumer market in the US starts to shrink even though no federal consumer-level prohibition exists.

December 2017 — Section 1634 of the FY2018 National Defense Authorization Act prohibits federal use of Kaspersky products, codifying BOD 17-01. The later Federal Register rule implementing Section 1634 states that the Federal Government is prohibited from using products or services developed or provided by Kaspersky Lab and related entities.

2018 — Kaspersky moves its data-processing infrastructure for European customers from Russia to Zurich, Switzerland, as part of the Global Transparency Initiative. Source code is offered for third-party review at Transparency Centers in Zurich, Madrid, Kuala Lumpur, São Paulo, and other locations.

March 2022 — Following Russia's invasion of Ukraine, Germany's BSI issues a public warning recommending users replace Kaspersky software with alternatives. Italy issues similar guidance for public-sector use. Most of Western Europe stops short of a sales ban.

March 2022 — The FCC adds AO Kaspersky Lab to the Covered List, alongside China Telecom (Americas) Corp. and China Mobile International USA Inc., as entities whose covered communications equipment and services pose an unacceptable risk to U.S. national security.

June 20, 2024 — BIS issues the Final Determination prohibiting Kaspersky from the US market.

June 21, 2024 — Treasury OFAC designates twelve individuals in executive and senior leadership roles at AO Kaspersky Lab. Kaspersky itself and Eugene Kaspersky are not designated in that OFAC action.

July 2024 — The FCC adds certain Kaspersky software products to the Covered List, including cybersecurity and anti-virus software produced or provided by Kaspersky Lab, Inc. or its successors and assignees.

September 29, 2024 — Last day of US-facing updates. Kaspersky pushes existing US users a one-time transition to UltraAV (a relabeled Pango product), without prompting customers for consent in many cases. The transition is controversial and generates the largest Kaspersky-related Reddit thread of 2024.

October 2024 – May 2026 — Roughly 40% of US organizations observed using Kaspersky before the June 2024 announcement still appear to have it installed, according to Bitsight telemetry. We address what that statistic means in the next section.

The pattern across this timeline is the U.S. government acting on a legal-environment risk — the Russian government's potential authority to compel a Russian company under Russian law — rather than on a documented breach. That distinction matters when people ask whether Kaspersky has been "caught."

Lab scores in 2026 — the engine is still excellent

It is tempting to assume a banned product is also a bad product. That assumption does not survive contact with the test data.

AV-TEST Home User Windows Test, February 2026 (18-point composite):

  • Kaspersky Premium — 18/18 (perfect on Protection, Performance, Usability)
  • Bitdefender Total Security — 18/18
  • Norton 360 — 18/18
  • Microsoft Defender — 18/18
  • ESET HOME Security — 17.5/18

AV-Comparatives Summary Report 2025 (full-year aggregate across seven test cycles):

  • Kaspersky — Top-Rated 2025, alongside Avast, AVG, Bitdefender, ESET, G Data, and Norton.
  • Gold for Malware Protection — 99.99% detection rate.
  • Gold for Lowest False Positives — 9 false positives across AV-Comparatives' 2025 false-alarm counting.
  • Advanced+ in all seven 2025 cycles (Real-World Protection, Malware Protection, Performance, Advanced Threat Protection, Anti-Phishing, Anti-Tampering, ATP Enhanced).

In AV-Comparatives' Anti-Phishing Certification for Kaspersky 2025, run between May 15 and May 28, 2025 against 228 phishing URLs, Kaspersky blocked 93% with 0 false positives. The MRG Effitas Banking and Browser Security 2025 certification cycle also passed Kaspersky cleanly.

The honest summary is that Kaspersky's engine is among the top antivirus engines on the market by any independent metric. The product is not banned for being weak. It is banned for jurisdictional reasons.

The trust question — what is and isn't actually proven

This is the section that needs the most care because the discourse is loud on both sides.

What is alleged and unproven. No U.S. government release — neither the 2017 DHS BOD 17-01 nor the 2024 BIS Final Determination — has produced public technical evidence of Kaspersky software exfiltrating user data to the Russian state. The case is built on legal-environment risk: under Russian law, the FSB and other Russian security services have authority to compel cooperation from Russian companies and to require access to communications infrastructure. The U.S. position is that this authority — whether or not it has been exercised — is itself an unacceptable risk for U.S. critical-infrastructure use.

What did happen. The most-cited public incident is the 2017 case in which NSA contractor Hal Martin's home computer running Kaspersky was alleged to have uploaded U.S. classified Equation Group tools to Kaspersky's cloud. Kaspersky's published explanation: the files contained malware signatures and were collected by the standard cloud-upload behavior of the AV product (any modern AV does this), the malicious payload was destroyed once Eugene Kaspersky was personally informed, and no data was shared with third parties. Israeli intelligence reportedly observed Russian actors searching Kaspersky's network for U.S. classified material around the same time period — a finding that suggests Kaspersky's infrastructure was a target rather than a tool. None of these claims have been fully adjudicated in public.

What the company has done. The Global Transparency Initiative is real. Source-code review is genuinely available at the Transparency Centers. European-customer data has been moved to Zurich. Kaspersky has also completed SOC 2 assessments focused on the development and release process for its antivirus databases. The company says it has been passing SOC 2 audits since 2019; in 2023 it announced a SOC 2 Type 2 assessment covering a six-month period after earlier Type 1 work, and its current SOC 2 page offers a Type 2 report covering controls over regular automatic updates of antivirus databases created and distributed for Windows and Unix servers.

What you can reasonably conclude. The product is not provably spying on its users. The product is not provably safe from a Russian-state compulsion order either — that is the nature of legal-environment risk. Whether the absence of evidence is sufficient reassurance depends on your threat model. For a U.S. defense contractor: no. For a casual home user in Spain: most likely yes.

The 40% statistic — what it actually means

You will see this number quoted everywhere: "more than 40% of U.S. organizations that used Kaspersky before the ban still have it installed." It comes from Bitsight telemetry collected between June 2024 and early 2025.

Three things to understand about that number. First, it counts endpoints visible to Bitsight's external scanning, which over-indexes on small and medium businesses with weaker IT inventory hygiene. Federal agencies under BOD 17-01 had a 90-day window in 2017 and largely complied — they do not show up in this statistic. Second, "still installed" is not the same as "still functioning at full capacity." Most of these installations are running on the frozen signature database from September 2024 and are increasingly degraded as months pass. Third, a non-trivial portion are abandoned installs on machines whose owners do not realize the product is no longer being updated — the symptom looks identical to the user (the icon is there, the scans run) but the actual protection is decaying.

The risk for organizations in that 40% bucket is not "Kaspersky is spying on us." It is "we are running compliance-sensitive infrastructure on an antivirus product that no longer receives threat intelligence, and we have not noticed." That is an inventory and audit problem more than a geopolitical problem.

Outside the United States — current status

The BIS Final Determination is a U.S.-only regulation. Kaspersky's status everywhere else is governed by local rules, which vary.

European Union (most member states), United Kingdom, Switzerland — Kaspersky is legally sold and fully updated. No consumer-level prohibition. Some governments restrict use in public-sector procurement on advisory grounds.

GermanyBSI's 2022 warning recommends alternatives but is not a sales ban. Kaspersky remains legally available to consumers.

Italy — Restrictions on government and critical-infrastructure procurement. Consumer market unaffected.

Netherlands — Recommended for replacement in central government systems. Consumer market unaffected.

Canada — Banned on government-issued devices since 2023 (Treasury Board policy), aligned with U.S. federal stance. Consumer market not banned at the federal level but most major retailers have wound down stock.

Australia and New Zealand — Government-procurement restrictions in place. Consumer use legal.

Russia and CIS — Native market. No restrictions. Full update support.

Most of Asia, Latin America, Middle East, Africa — No prohibitions. Kaspersky operates normally.

For non-U.S. readers in most of Europe and elsewhere outside the restriction zones, Kaspersky remains a top-tier antivirus choice on technical merits and is a reasonable selection if you are comfortable with the jurisdictional context. We do not give legal advice — confirm the current regulatory status for your country before purchasing or renewing.

Should You Uninstall Kaspersky in 2026?

In the United States: yes. Uninstall it and move to Microsoft Defender, Bitdefender, Norton, or ESET. The issue is not that your installed copy became malicious; the issue is that Kaspersky can no longer provide signature updates, codebase updates, or KSN protection to U.S. users under the BIS order. The longer the product runs without current threat intelligence, the less useful it becomes.

Outside the United States: not automatically. If Kaspersky is still legally sold and updated in your country, the technical engine remains excellent. The decision becomes a jurisdiction, employer-policy, procurement, and personal-trust question rather than a lab-performance question. If your work intersects with U.S. federal contracting, defense, sanctions-sensitive sectors, investigative journalism on Russian state actors, or regulated client data, choose a non-Kaspersky alternative even if you live outside the United States.

If you are unsure: check your country rules, employer policy, and whether the product is still receiving updates. If updates are active and your risk profile is ordinary consumer use, keeping Kaspersky outside the U.S. can be defensible. If updates are frozen, uninstall it.

If you are in the US, here is the migration path

The official Kaspersky uninstaller is Kavremover (free from Kaspersky's support site at the time of writing — verify availability for your region). Do not rely on Windows "Add or Remove Programs" alone; Kaspersky leaves boot-time drivers and ELAM (Early Launch Anti-Malware) components that the standard uninstaller can miss. Run Kavremover, reboot, then install the new product.

Per-platform substitutes, ranked by how closely they match what Kaspersky Premium delivered:

Windows 11 — Microsoft Defender (free, built-in). Already on the machine. 18/18 at AV-TEST February 2026. Smart App Control closes the historical unknown-binary execution gap on supported Windows 11 installs. If you do not want to pay anything, this is the default answer.

Windows 10 or Windows 11 with bundled features — Bitdefender Total Security ($39.99 first year, $89.99 renewal). Closest like-for-like swap on lab scores. Same Top-Rated 2025 tier as Kaspersky at AV-Comparatives. 5-device, multi-platform license.

If you want identity protection — Norton 360 with LifeLock ($19.99–$49.99 first year). The bundled identity-restoration and dark-web monitoring are the strongest in the US market. Less performant than Bitdefender on older hardware.

Older or lower-spec laptops — ESET HOME Security Premium ($59.99 first year). Lightest agent footprint of the top tier. 17.5–18/18 at AV-TEST. Good if Kaspersky was your "fast and quiet" choice.

Mac-only — Intego Mac Premium Bundle X9 ($39.99 first year). Mac specialist since 1997. 97.1% on AV-Comparatives Mac Security Test June 2025.

Family with kids — Bitdefender Family Pack. Parental controls plus 15-device coverage. The Kaspersky Safe Kids feature was strong; Bitdefender's equivalent is the closest available US substitute.

Do not double-install antivirus engines. Running Kaspersky and a new product simultaneously creates kernel-driver conflicts and mutual quarantine loops. Kavremover first, then the replacement.

User sentiment and common complaints

We sampled the most-upvoted threads on r/antivirus, r/cybersecurity, and r/techsupport from February to April 2026 mentioning Kaspersky. Three patterns dominate.

The UltraAV grievance. The single most-cited Kaspersky topic is the September 2024 automatic transition that pushed many US users from Kaspersky to UltraAV (a Pango-branded product) without explicit consent. Many users describe waking up to a different antivirus icon on their taskbar and not knowing how it got there. Press reports, including TechCrunch's coverage of the UltraAV transition, describe the same confusion: Kaspersky and Pango said customers were notified, while some users said they did not understand that the replacement would be automatic. The thread sentiment toward Kaspersky's transition handling is strongly negative. The sentiment toward the technical engine itself is largely positive.

The "I'm in Europe, am I crazy to keep using it" question. The most common European Reddit question. Top replies tend to fall into two camps: "the engine is still top of the lab scores and you live in the EU, you are fine" and "I would not run security software from a company subject to Russian law on principle, regardless of geography." Both replies typically draw upvotes. The disagreement is genuine, not trolling.

The "I uninstalled and lost my license money" complaint. Users who paid for a multi-year Kaspersky license before June 2024 and then uninstalled in the US describe difficulty getting prorated refunds. Kaspersky's official position has been case-by-case credit toward UltraAV; users who refused that transition often report unsuccessful refund attempts. This is the most actionable consumer complaint and worth knowing before you uninstall.

Verdict

The Kaspersky question in 2026 is not about whether the software is good. It is. AV-TEST 18/18, AV-Comparatives Top-Rated 2025, Anti-Phishing 93% — these are facts and they have not changed.

The question is whether you can use it, and whether the jurisdictional context is one you are willing to accept. For US users the first half of that question now has a regulatory answer: sales and updates are prohibited, the product degrades a little every week without refresh, and the rational move is to migrate. Microsoft Defender or Bitdefender Total Security are the substitutes we recommend.

For non-US users in regions where Kaspersky is legally sold and updated, the technical answer is that it remains one of the strongest antivirus products available. The jurisdictional answer is yours to make. If you are running ordinary consumer workloads in a country with no restrictions, keeping or renewing Kaspersky is a defensible choice. If you handle data that intersects with U.S. national-security adjacent topics — defense, federal contracting, journalism on Russian state actors — pick something else regardless of where you live.

The honest two-sentence summary: the product works, the engine is excellent, the politics are real. Decide accordingly.

FAQ

Is Kaspersky banned in the US?

Sales of Kaspersky software to US customers have been prohibited since September 30, 2024, under the U.S. Commerce Department's BIS Final Determination of June 2024. Existing copies installed before the cutoff are not criminal to keep on a device, but Kaspersky has been prohibited from delivering signature, code, or threat-database updates to US users since September 29, 2024. We do not give legal advice — consult Kaspersky's current US availability page for your situation.

Is Kaspersky still safe to use in 2026?

For US users, no — without signature updates the detection rate against new threats decays week by week, and the longer Kaspersky has been running un-updated on a US machine the larger the gap. For non-US users in regions where Kaspersky is still legally sold and updated, Kaspersky remains one of the best lab-tested antivirus products on the market and is reasonable to keep using if you accept the jurisdictional question.

Has Kaspersky actually been caught spying?

No U.S. government release has produced public technical evidence of Kaspersky spying on customers on behalf of the Russian state. The 2017 DHS Binding Operational Directive and the 2024 BIS Final Determination cite the legal environment Kaspersky operates in under Russian law as the basis — specifically the Russian government's potential authority to compel the company — rather than a documented exfiltration incident. Kaspersky has consistently denied the allegations and offered third-party source-code review through its Global Transparency Initiative.

What happens if I keep Kaspersky installed in the US?

The product keeps running. The heuristic and behavioral engines still operate against threats they already know how to recognize. What you lose is daily signature updates from the cloud — new IoCs, new family classifications, new phishing-URL feeds. Each week that passes, the gap between what your local engine knows and what is being seen in the wild widens. For consumer use this is a slowly-accumulating risk rather than a same-day failure. For organizations under compliance regimes it is an audit problem regardless of technical state.

What should US Kaspersky users switch to?

For Windows 11, Microsoft Defender is the no-friction substitute — it ships built-in, scored 18/18 at AV-TEST February 2026, and requires no install. For Windows 10 or for users who want third-party detection in addition, Bitdefender Total Security ($39.99 first year) is the closest like-for-like swap on lab scores. Norton 360 if you want the identity-protection bundle. ESET HOME Security Premium for low-resource machines. Avoid double-installing — uninstall Kaspersky cleanly with the official Kavremover tool first.

Yes. The BIS Final Determination is a US-only regulation. As of May 2026 Kaspersky is sold and updated normally in the EU, UK, Switzerland, most of Latin America, and most of Asia and Africa. The German Federal Office for Information Security (BSI) issued a 2022 warning recommending alternative products on national-security grounds but did not ban sales. Italy and the Netherlands flagged Kaspersky for government procurement only. France, Spain, the UK, and most of the rest of Europe have taken no consumer-level action.

In many countries, yes, but the answer depends on local law, public-sector rules, employer policy, and procurement restrictions. The U.S. BIS Final Determination is U.S.-specific. Some countries restrict or discourage government use, while ordinary consumer availability continues in many regions. Check current local guidance before buying or renewing.

Does Kaspersky still get top lab scores in 2026?

Yes. AV-TEST February 2026 home-user Windows cycle: Kaspersky Premium 18/18. AV-Comparatives Summary Report 2025: Top-Rated, Advanced+ in all seven tests, Gold for Malware Protection (99.99% detection), Gold for Lowest False Positives with 9 false positives across AV-Comparatives' 2025 false-alarm counting. On engine performance Kaspersky is consistently in the top tier across major test labs. The technical capability is not the open question — the jurisdictional question is.

Why did Kaspersky users suddenly get UltraAV?

In September 2024, Kaspersky transitioned many U.S. consumer accounts to UltraAV after the U.S. ban forced it to wind down covered antivirus services. Reports from affected users and press coverage of the transition described the migration as confusing because UltraAV appeared without the kind of explicit consent many users expected. If you do not want UltraAV, uninstall it normally and move to Microsoft Defender, Bitdefender, Norton, or ESET.

  • Kaspersky Premium Full Review (2026)
  • Bitdefender Total Security Review
  • Norton 360 Review
  • Microsoft Defender Review: Is Free Enough?
  • Kaspersky vs Bitdefender
  • Kaspersky vs Norton

Sourced from

U.S. Department of Commerce BIS Final Determination and Kaspersky guidance; BIS June 20, 2024 announcement; DHS Binding Operational Directive 17-01; FY2018 NDAA Section 1634 implementation via Federal Register; FCC March 2022 Covered List addition; FCC July 2024 Kaspersky software Covered List addition; Treasury OFAC June 21, 2024 Kaspersky leadership designations; AV-TEST February 2026 Home User Windows cycle; AV-Comparatives Summary Report 2025; AV-Comparatives Anti-Phishing Certification Kaspersky 2025; Kaspersky SOC 2 information; Kaspersky SOC 2 Type 2 announcement; BSI Germany 2022 Kaspersky advisory FAQ; Bitsight post-ban Kaspersky telemetry; r/antivirus, r/cybersecurity, and r/techsupport thread sample from February–April 2026; Kaspersky Global Transparency Initiative.