Microsoft Defender incorrectly detects Win32/Hive.ZY in Google Chrome, Electron apps


A bad Microsoft Defender signature update incorrectly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ every time the apps are opened in Windows.

The problem started Sunday morning when Microsoft released Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY.

“This general detection for suspicious behavior is designed to capture potentially malicious files. If you download a file or receive it by email, make sure it’s from a trustworthy source before opening it,” Microsoft wrote on the detection page for Win32/Hive.ZY.

According to City of Birth, false positives are widespread, with users reporting on BleepingComputer, Twitter, and Reddit that the detection appears every time they open their browser or an Electron app.

Microsoft Defender incorrectly detects Win32/Hive.ZY
Source: Twitter

Although Microsoft Defender will continue to display this detection when the app is opened, it is important to note that this is a false positive, and that your device was incorrectly detected as infected.

Microsoft has released two new Microsoft Defender security intelligence updates, the latest of which is 1.373.1518.0.

Although this signature update did not trigger the Win32/Hive.ZY detection in BleepingComputer's tests, other users reported that they keep receiving false positives.

To check for new security intelligence updates, Windows users can search for and open Windows Security from the Start Menu, click Virus & threat protection, then click Check for updates under Virus & threat protection updates.

Currently installed version of Microsoft Defender security intelligence
Source: BleepingComputer

While it’s usually not necessary, in this case it may help to reboot Windows after installing a new security intelligence update to see if that resolves the false positive.
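
The same version check can be done from PowerShell. The script below is an added example, not from the original article: it compares the installed security intelligence version with the two versions named above and lists recorded Win32/Hive.ZY detections with the process that triggered them. The function name `Get-HiveZyTriage` is hypothetical, and the script assumes the built-in Defender cmdlets are available.

```powershell
# Added example. The two version numbers come from the article;
# everything else is read from the local Defender state.
$BadVersion   = [version]'1.373.1508.0'   # update that introduced Behavior:Win32/Hive.ZY
$LatestOnPage = [version]'1.373.1518.0'   # latest update the article mentions

function Get-HiveZyTriage {               # hypothetical helper name
    param([switch]$Update)                # -Update pulls new security intelligence first

    if ($Update) { Update-MpSignature }

    $status    = Get-MpComputerStatus
    $installed = [version]$status.AntivirusSignatureVersion

    $state = if     ($installed -lt $BadVersion)   { "older than $BadVersion" }
             elseif ($installed -lt $LatestOnPage) { "between $BadVersion and $LatestOnPage" }
             else                                  { "at or past $LatestOnPage" }

    # Detections carry only a ThreatID, so resolve the IDs for this threat name first.
    $hiveIds = Get-MpThreat |
        Where-Object ThreatName -like '*Win32/Hive.ZY*' |
        Select-Object -ExpandProperty ThreatID

    $hits = Get-MpThreatDetection |
        Where-Object { $hiveIds -contains $_.ThreatID } |
        Sort-Object InitialDetectionTime

    [pscustomobject]@{
        InstalledVersion = $installed
        LastUpdated      = $status.AntivirusSignatureLastUpdated
        State            = $state
        DetectionCount   = @($hits).Count
        # ProcessName shows which app was flagged (e.g. a browser or Electron app)
        Detections       = $hits | Select-Object InitialDetectionTime, ProcessName, Resources
    }
}

# Report only; add -Update to fetch new security intelligence before checking.
Get-HiveZyTriage | Format-List
```

Running it again after an update shows whether new detections are still being recorded on the newer version, since each entry carries its `InitialDetectionTime`.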

Since this issue is widespread and causing panic among Windows users worldwide, we are likely to see a new update fixing the problem in a few hours, if not sooner.

Currently, there is no official confirmation of this issue from Microsoft.
