A bug occurs that the Windows security application 'Microsoft Defender' misdetects Chrome, Discord, etc. as malware



A bug has occurred in ``

Microsoft Defender '', a standard security software for Windows provided by Microsoft, that falsely detects applications such as Google Chrome, Microsoft Edge, and Discord as malware.

Windows Defender is reporting a false-positive threat 'Behavior:Win32/Hive.ZY'; it's nothing to be worried about | Windows Central
https://www.windowscentral.com/software-apps/windows-11/windows-defender-is-reporting-a-false-positive-threat-behaviorwin32hivezy-its-nothing-to-be-worried-about

Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-falsely-detects-win32-hivezy-in-google-chrome-electron-apps/

On Sunday, September 4, 2022, version 1.373.1508.0 , the latest version of Microsoft Defender, previously distributed under the name Windows Defender, was released. Updating to this version introduces a bug that causes Microsoft Defender to notify you with a threat detection popup ' Behavior:Win32/Hive.ZY ' every time you open an application such as Google Chrome, Microsoft Edge or Discord on Windows.

In addition, the notification is fixed on the 'Virus and threat protection' screen of Windows Security as follows. However, even if you click this and try to deal with the problem, it seems that the notification will disappear once and reappear after about 20 seconds.



Microsoft's security page mentions the 'Behavior:Win32/Hive.ZY' threat detection, stating, 'This generic detection for suspicious behavior is designed to detect potentially malicious files. Download the file or if you receive it by email, make sure it's from a trusted source before opening it.' No details provided.

A bug in which a threat detection of 'Behavior: Win32/Hive.ZY' is notified every time the app is opened has been reported on Reddit, an overseas bulletin board, and users who encountered the bug initially said, 'I don't know what this is, so I'm in a hurry. I turned off the PC and unplugged the power plug from the outlet.'

HELP: Behavior:Win32/Hive.ZY : computerviruses
https://www.reddit.com/r/computerviruses/comments/x5idjw/help_behaviorwin32hivezy/



Microsoft's official community, Microsoft Community, has reported that they have encountered similar problems.

win32/hive.zy removal notification every time I run a program - Microsoft Community
https://answers.microsoft.com/en-us/protect/forum/all/win32hivezy-removal-notification-every-time-i-run/db598180-4b74-4f19-8c1f-117d688caf91



In response to a report posted on the Microsoft Community that the threat detection 'Behavior:Win32/Hive.ZY' appears, independent advisor DaveM121 said, 'This appears to be a false positive. Hundreds of people are currently We have received reports of this bug from.It appears to be related to all Chromium-based web browsers and Electron-based apps such as Whatsapp, Discord, Spotify, etc.' 'There is no official announcement from Microsoft yet. However, it seems to be caused by KB2267602 (version 1.373.1508.0), a security intelligence update for Microsoft Defender.' He explained that the notification was only a false positive and was not actually infected with malware. doing.

Microsoft has already released version 1.373.1537.0 which fixes the issue.

in Software,   Security, Posted by logu_ii