Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps
A recent bug in security intelligence updates for Microsoft Defender is causing it to incorrectly detect Chrome-based browsers and other Electron-based apps as potential malware. Microsoft Edge and other such apps are flagged as suspicious, reporting the threat as Behavior:Win32/Hive.ZY. The issue seems to be resolved when upgrading to version 1.373.1537.0 of the security intelligence updates, and the changelog reports an update to the threat detection for Behavior:Win32/Hive.ZY. After updating Microsoft Defender's security intelligence, the false positive disappears, and no further action is needed.
The false positive appears to be linked to detecting behaviors that would indicate the presence of Hive ransomware. It's obviously a good thing to detect Hive ransomware and block it, but the false positive panicked many users over the weekend when their computers warned them upon opening many trusted applications. Details are scarce as to what went wrong in the Microsoft Defender definitions and how the false positive occurred, but the issue seems to have been resolved with the latest definitions.
Although Microsoft Edge does not contain the Hive ransomware, some users might suggest that Edge was correctly identified as malware, and that the rest of Windows should have been flagged as well.
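For administrators checking a host after this incident, the following PowerShell is an added example, not part of the original story or any Microsoft guidance. It compares the installed security intelligence version with the 1.373.1537.0 release named above, updates if the host is behind, and lists what was recorded under Behavior:Win32/Hive.ZY so each hit can be reviewed; the variable names and output layout are assumptions.

```powershell
# Added example: triage one host for the Behavior:Win32/Hive.ZY false positive.
# The version and threat name come from the story; everything else is illustrative.
$FixedVersion = [version]'1.373.1537.0'
$ThreatName   = 'Behavior:Win32/Hive.ZY'

# 1. Is the security intelligence at or past the release that corrected the detection?
$current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
if ($current -lt $FixedVersion) {
    Write-Host "Security intelligence $current predates $FixedVersion, updating..."
    Update-MpSignature
    $current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
}
Write-Host "Security intelligence version: $current"

# 2. Detections carry only a ThreatID, so resolve the name to its ID(s) first.
$ids = @(Get-MpThreat |
    Where-Object { $_.ThreatName -eq $ThreatName } |
    Select-Object -ExpandProperty ThreatID)

$hits = @(Get-MpThreatDetection | Where-Object { $ids -contains $_.ThreatID })

# 3. Show what was flagged. The story reports Chrome-based browsers and Electron
#    apps being hit; a detection against anything else deserves a closer look
#    rather than being written off as part of the same false positive.
if ($hits.Count -eq 0) {
    Write-Host "No $ThreatName detections recorded on this host."
} else {
    $hits | Sort-Object InitialDetectionTime | ForEach-Object {
        [pscustomobject]@{
            Detected  = $_.InitialDetectionTime
            User      = $_.DomainUser
            Process   = $_.ProcessName
            Resources = ($_.Resources -join '; ')
        }
    } | Format-List
}
```

Run it from an elevated PowerShell session on the affected Windows machine; the Defender cmdlets used here ship with the built-in Defender module.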
(Score: 5, Insightful) by Rosco P. Coltrane on Wednesday September 07 2022, @12:37PM (2 children)
So it trips on Discord, WhatsApp, Teams? Sounds like the only flaw here is that it doesn't report the malware's correct name.
(Score: 3, Informative) by Freeman on Wednesday September 07 2022, @01:33PM
I've been using Discord for a while and it could definitely be worse. It's a nice platform independent way to communicate with your buddies. Also, some player communities are built-up around Discord servers.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2, Touché) by helel on Wednesday September 07 2022, @02:45PM
Mal: Bad, disease
Ware: Software
Republican Patriotism [youtube.com]
(Score: 3, Funny) by DECbot on Wednesday September 07 2022, @05:32PM (1 child)
I suspect these users also said the only solution is to install GNU/Linux. I thought RMS was unpersoned and he and his tribe are no longer allowed to speak to the media?
cats~$ sudo chown -R us /home/base
(Score: 2) by Freeman on Thursday September 08 2022, @01:29PM
Microsoft Edge is essentially just a reskin of Chrome with maybe a few extra Microsoft trackers thrown in for good measure. Windows was much worse in the past. Except for the tracking. That's definitely much worse in the current version(s) of Windows. M$ working on those $.
While I much prefer the philosophy of Linux, I much prefer my stuff to "just work". Linux is pretty near there and has actually been fairly rock solid compared to Windows for a very long time. The issue has always been "buy-in". You have a lot fewer users and very little support from companies, which is why games still don't "just work". Sure, some do, but the majority don't. A lot of the recent ones that "just work" do work because of Steam's work on Proton, not because developers are actually building their games with Linux compatibility in mind.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2) by Spamalope on Thursday September 08 2022, @03:50AM (1 child)
Defender has twice nuked my Win7 VM, the last time two weeks ago.
So defender doesn't defend, but it sure does screw things up...
(Score: 2) by Freeman on Thursday September 08 2022, @01:31PM
That's kind of funny. It makes me wonder is it a Windows Defender issue or a VM issue. I've never had an issue with Windows Defender screwing things up. Maybe, I'm just due for some problems? Maybe your install is cursed? Then again, Windows 7 isn't supported anymore, if I recall correctly.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"