Jump to content
  • Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps

    alf9872000

    • 427 views
    • 2 minutes
     Share


    • 427 views
    • 2 minutes

    A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive.ZY' each time the apps are opened in Windows.

     

    The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY.

     

    "This generic detection for suspicious behaviors is designed to catch potentially malicious files. If you downloaded a file or received it through email, ensure that it is from a reliable source before opening it," reads the Microsoft detection page for Win32/Hive.ZY.

     

    According to BornCity, the false positive is widespread, with users reporting on BleepingComputerTwitter, and Reddit that the detections appear each time they open their browser or an Electron app.

     

    Microsoft Defender falsely detecting Win32/Hive.ZY
    Microsoft Defender falsely detecting Win32/Hive.ZY - Source: Twitter
     

    Even though Microsoft Defender will continuously display these detections when apps are opened, it is important to note that this is a false positive, and your device is mistakenly being detected as infected.

     

    Microsoft has since released two new Microsoft Defender security intelligence updates, the latest being 1.373.1518.0.

     

    While this signature update does not display Win32/Hive.ZY detections in BleepingComputer's tests, other users report that they continue to receive false positives.

     

    To check for new security intelligence updates, Windows users can search for and open Windows Security from the Start Menu, click Virus & threat protection, and then click on Check for updates under Virus & threat protection updates.

     

    security-intelligence-update.jpg
    Currently installed Microsoft Defender security intelligence versions - Source: BleepingComputer
     

    While it is usually not required, in this case, it may be helpful to reboot Windows after installing the new security intelligence update to see if it resolves the false positive.

     

    As this issue is widespread and causing panic among Windows users worldwide, we will likely see a new update fixing the problem within a few hours, if not sooner.

     

    At this time, there has been no formal confirmation of the issue from Microsoft.

     

    Source: Bleeping Computer

    https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-falsely-detects-win32-hivezy-in-google-chrome-electron-apps/


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...