Microsoft confirms False Positive in Windows Defender, Hive.ZY

Updated: Sep 15

Cybersecurity News


Don't panic if you suddenly get a notification in Windows that Defender has detected a threat. Microsoft confirmed there are widespread reports of Google Chrome, Chromium Edge, Discord and several other apps getting flagged as “Behavior:Win32/Hive.ZY” by Microsoft’s built-in virus protection software "Windows Defender". Microsoft has already confirmed that it’s working on a fix which will be published within 24 hours.


What exactly is “Hive.ZY”? According to a document published on Microsoft’s security portal, any file flagged as “Behavior:Win32/Hive.ZY” is treated as a potential threat on the basis of suspicious behavior in Windows. The detection is used to flag potentially malicious files, especially those downloaded through web browsers or email.


The notification seems to have been added with Defender version 1.373.1508.0. Your Chrome apps, among some others, are likely to be flagged as malicious by the following security apps: Microsoft Defender Antivirus for Windows 10, Windows 11 and Windows 8.1; Microsoft Security Essentials for Windows 7 and Windows Vista; or Microsoft Safety Scanner.
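To check whether a given machine is on the version named above and to see what it flagged, the following PowerShell triage script can be run in an elevated session. It is an added example, not code from Microsoft or from the cited articles. It assumes the threat ID shown in the Microsoft encyclopedia URL in the references, and that Defender's resource strings contain the full path of the flagged executable.

```powershell
# Added example. Read-only: it queries Defender and changes no settings.
# Both constants come from the article (version in the text, ID in the Microsoft URL).
$ReportedVersion = [version]'1.373.1508.0'
$HiveZyThreatId  = 2147830806

$status  = Get-MpComputerStatus
$current = [version]$status.AntivirusSignatureVersion
if ($current -eq $ReportedVersion) {
    $relation = 'the same as'
} elseif ($current -lt $ReportedVersion) {
    $relation = 'older than'
} else {
    $relation = 'newer than'
}
"Signature version $current is $relation the reported $ReportedVersion"
"Signatures last updated: $($status.AntivirusSignatureLastUpdated)"

# Every detection Defender recorded under the Hive.ZY threat ID, oldest first.
$detections = @(Get-MpThreatDetection |
    Where-Object { $_.ThreatID -eq $HiveZyThreatId } |
    Sort-Object InitialDetectionTime)
"Hive.ZY detections on this host: $($detections.Count)"

# For each flagged executable, report its Authenticode status. A valid vendor
# signature on chrome.exe, msedge.exe or Discord.exe is a corroborating signal
# for the false-positive explanation, not proof of it.
$rows = foreach ($d in $detections) {
    # Assumption: resource strings embed the executable's full path.
    $text  = $d.Resources -join ' '
    $paths = [regex]::Matches($text, '[A-Za-z]:\\[^,;|"]+?\.exe', 'IgnoreCase') |
        ForEach-Object { $_.Value } | Sort-Object -Unique
    foreach ($p in $paths) {
        $sig = $null
        if (Test-Path -LiteralPath $p) {
            $sig = Get-AuthenticodeSignature -LiteralPath $p
        }
        [pscustomobject]@{
            Detected        = $d.InitialDetectionTime
            Path            = $p
            SignatureStatus = if ($sig) { $sig.Status } else { 'FileNotFound' }
            Signer          = $sig.SignerCertificate.Subject
            DefinitionsUsed = $d.AMProductVersion
        }
    }
}
$rows | Format-List
```

A detection whose path is unsigned, or signed by an unexpected publisher, should be investigated as a real alert rather than attributed to this false positive.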


Read the articles below for some additional information.

 


  1. Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-falsely-detects-win32-hivezy-in-google-chrome-electron-apps/

  2. Microsoft confirms Behavior:Win32/Hive.ZY false error in Windows Defender https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Behavior%3aWin32%2fHive.ZY&threatid=2147830806
