Microsoft Defender detecting Win32/Hive.ZY in Google Chrome, Electron apps

Started by Corrine, September 04, 2022, 03:41:47 PM

Corrine

Via Bleeping Computer at Microsoft Defender detecting Win32/Hive.ZY in Google Chrome, Electron apps:

Quote: A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive.ZY' each time the apps are opened in Windows.

See the referenced article for more information.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

pastywhitegurl

I got that notice about 3pm today. Rather disconcerting to see. But it said the threat had been stopped and removed. Quickly checked for news and found out about the false positive, and that Microsoft released a fix about 7:30pm that should stop any further alerts. Updating Defender definitions will stop the behavior.

pastywhitegurl

So apparently, using the Defender panel to initiate the update of the definitions did not work. I received 2 more instances of the same "severe" threat being blocked then removed by Defender. After the second report, an automatic update occurred about 3 minutes later, then no more alerts happened overnight. So hopefully this bug has now been dispatched.

Corrine

This is the update posted at the above link on Bleeping Computer:

Quote:

Update 6:47 PM EST:

Microsoft has released Microsoft Defender security intelligence update version 1.373.1537.0, which from reports, appears to resolve the Win32/Hive.ZY false positive experienced by Windows users today.

You can follow the instructions at the end of this article to update to this version.

Update 9:25 PM EST:

Microsoft shared the following statement with BleepingComputer:

"We have released an update to address this issue and customers using automatic updates for Microsoft Defender do not need to take additional action." - a Microsoft spokesperson.
In addition Microsoft shared that enterprise customers managing their updates should ensure they are using detection build 1.373.1537.0 or newer.


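For administrators acting on the guidance quoted above (detection build 1.373.1537.0 or newer), here is an added PowerShell example; it is not part of the thread or the Bleeping Computer article. It assumes the built-in Defender cmdlets and the Defender operational event log are available, and the function and variable names are hypothetical.

```powershell
# Added example. The build number and detection name come from the thread;
# everything else (names, structure) is an assumption for illustration.
$FixedBuild = [version]'1.373.1537.0'   # build reported to resolve the false positive
$ThreatName = 'Win32/Hive.ZY'           # detection name shown in the alerts

function Test-DefenderBuild {
    param([version]$Current, [version]$Minimum)
    # [version] compares field by field, so 1.373.99.0 sorts below 1.373.1537.0.
    # A plain string comparison would order those two the wrong way round.
    return $Current -ge $Minimum
}

$status  = Get-MpComputerStatus
$current = [version]$status.AntivirusSignatureVersion

if (-not (Test-DefenderBuild -Current $current -Minimum $FixedBuild)) {
    Write-Warning "Signature build $current is older than $FixedBuild; requesting an update."
    Update-MpSignature
    $status  = Get-MpComputerStatus
    $current = [version]$status.AntivirusSignatureVersion
}

# Event 1116 = malware detected, 1117 = action taken on the detection.
$hits = Get-WinEvent -FilterHashtable @{
            LogName = 'Microsoft-Windows-Windows Defender/Operational'
            Id      = 1116, 1117
        } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like "*$ThreatName*" }

$lastHit = $hits | Sort-Object TimeCreated | Select-Object -Last 1

[pscustomobject]@{
    SignatureBuild     = $current
    BuildIsFixed       = Test-DefenderBuild -Current $current -Minimum $FixedBuild
    SignatureUpdatedAt = $status.AntivirusSignatureLastUpdated
    HiveZyEventCount   = @($hits).Count
    LastHiveZyEvent    = $lastHit.TimeCreated
    # True means an alert was logged after the current definitions were
    # installed, so that detection deserves a closer look.
    AlertAfterUpdate   = [bool]($lastHit -and
                         $lastHit.TimeCreated -gt $status.AntivirusSignatureLastUpdated)
}
```

Run it from an elevated PowerShell session so the signature update and the event log query are both permitted.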