Via Bleeping Computer at Microsoft Defender detecting Win32/Hive.ZY in Google Chrome, Electron apps (https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-detecting-win32-hivezy-in-google-chrome-electron-apps/):
Quote: A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive.ZY' each time the apps are opened in Windows.
See the referenced article for more information.
I wish I had waited some hours before spending hours in the morning on that: https://www.bleepingcomputer.com/forums/t/776703/behaviorwin32hivezy-being-detected-by-windows-defender-every-few-minutes/#entry5403701
😁
I got that notice about 3pm today. Rather disconcerting to see, but it said the threat had been stopped and removed. Quickly checked for news and found out about the false positive, and that Microsoft released a fix about 7:30pm that should stop any further alerts. Updating Defender definitions will stop the behavior.
So apparently, using the Defender panel to initiate the update of the definitions did not work. I received 2 more instances of the same "severe" threat being blocked then removed by Defender. After the second report, an automatic update occurred about 3 minutes later then no more alerts happened overnight. So hopefully this bug has now been dispatched.
This is the update posted at the above link on Bleeping Computer:
Quote: Update 6:47 PM EST:
Microsoft has released Microsoft Defender security intelligence update version 1.373.1537.0, which, from reports, appears to resolve the Win32/Hive.ZY false positive experienced by Windows users today.
You can follow the instructions at the end of this article to update to this version.
Update 9:25 PM EST:
Microsoft shared the following statement with BleepingComputer:
"We have released an update to address this issue and customers using automatic updates for Microsoft Defender do not need to take additional action." - a Microsoft spokesperson.
In addition, Microsoft shared that enterprise customers managing their updates should ensure they are using detection build 1.373.1537.0 or newer.
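For anyone who wants to script the check the article describes (detection build 1.373.1537.0 or newer) instead of clicking through the Defender panel, here is an added PowerShell example; it is not from the thread or the Bleeping Computer article, and it assumes the built-in Defender module on a local Windows machine run from an elevated prompt:

```powershell
# Added example (not from the forum thread or the article): verify that this
# machine's Defender security intelligence is at or above the build Microsoft
# named as fixing the Win32/Hive.ZY false positive, and request an update if not.
# Assumes the built-in Defender PowerShell module (Windows 10/11, elevated prompt).

$FixedBuild = [version]'1.373.1537.0'   # build quoted in Microsoft's statement

$status  = Get-MpComputerStatus
$current = [version]$status.AntivirusSignatureVersion

Write-Host "Installed security intelligence: $current (last updated $($status.AntivirusSignatureLastUpdated))"

if ($current -lt $FixedBuild) {
    Write-Host "Older than $FixedBuild - requesting a signature update..."
    # Same action as the update button in the Defender UI, but scriptable; if the
    # machine pulls definitions from WSUS/MECM this only works once they are approved there.
    Update-MpSignature
    $current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
    Write-Host "After update: $current"
}

if ($current -ge $FixedBuild) {
    Write-Host "OK: build $current includes the corrected definitions."
} else {
    Write-Host "Still on $current; retry later or check the configured update source."
}

# List what Defender has recorded under this detection name, so the earlier
# 'severe threat blocked' alerts can be matched to the known false positive
# rather than to a real infection.
Get-MpThreat |
    Where-Object ThreatName -like '*Hive.ZY*' |
    Select-Object ThreatName, SeverityID, IsActive, Resources |
    Format-List
```

On a fleet, the same version comparison can be run remotely (for example via Invoke-Command) to find endpoints that have not yet picked up the corrected build.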