A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive.ZY' each time the apps are opened in Windows.
The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY.
"This generic detection for suspicious behaviors is designed to catch potentially malicious files. If you downloaded a file or received it by email, be sure that it's from a reliable source before opening it," reads the Microsoft detection page for Win32/Hive.ZY.
According to BornCity, the false positive is widespread, with users reporting on BleepingComputer, Twitter, and Reddit that the detections appear each time they open their browser or an Electron app.
Although Microsoft Defender will repeatedly display these detections when apps are opened, it is important to note that this is a false positive, and your system is mistakenly being detected as infected.
Microsoft has since released two new Microsoft Defender security intelligence updates, the latest being 1.373.1518.0.
While this signature update does not display Win32/Hive.ZY detections in BleepingComputer's tests, other users report that they continue to receive false positives.
To check for new security intelligence updates, Windows users can search for and open Windows Security from the Start Menu, click Virus & threat protection, and then click Check for updates under Virus & threat protection updates.
While it is usually not required, in this case it may be helpful to reboot Windows after installing the new security intelligence update to see if it resolves the false positive.
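The same check can be scripted from an elevated PowerShell prompt. This is an added example, not part of the original article: it uses the built-in Defender cmdlets to compare the installed security intelligence version against the two versions the article names, then reports whether any Win32/Hive.ZY detections were logged after the current signatures were installed. It assumes the Defender PowerShell module is present and that detection history has not been cleared.

```powershell
# Added example. The two version numbers are the ones named in the article.
$introduced  = [version]'1.373.1508.0'   # update that added Behavior:Win32/Hive.ZY
$latestNamed = [version]'1.373.1518.0'   # newest update the article mentions

function Get-SignatureState {
    # Installed security intelligence version and when it was applied.
    $s = Get-MpComputerStatus
    [pscustomobject]@{
        Version     = [version]$s.AntivirusSignatureVersion
        LastUpdated = $s.AntivirusSignatureLastUpdated
    }
}

$state = Get-SignatureState
"Installed security intelligence: $($state.Version), updated $($state.LastUpdated)"

if ($state.Version -lt $introduced) {
    "This version predates the update that introduced the detection."
} elseif ($state.Version -lt $latestNamed) {
    "Older than $latestNamed, requesting an update..."
    Update-MpSignature
    $state = Get-SignatureState
    "Now on: $($state.Version), updated $($state.LastUpdated)"
}

# Resolve the threat ID(s) Defender has recorded under the Hive.ZY name.
$hiveIds = @(Get-MpThreat |
    Where-Object { $_.ThreatName -like '*Win32/Hive.ZY' } |
    Select-Object -ExpandProperty ThreatID)

if ($hiveIds.Count -eq 0) {
    "No Win32/Hive.ZY detections recorded on this machine."
} else {
    $hits = @(Get-MpThreatDetection |
        Where-Object { $hiveIds -contains $_.ThreatID } |
        Sort-Object InitialDetectionTime)

    # Which processes triggered the detection, most frequent first.
    $hits | Group-Object ProcessName | Sort-Object Count -Descending |
        Select-Object Count, Name | Format-Table -AutoSize

    # Detections newer than the signature install mean the current version still fires.
    $after = @($hits | Where-Object { $_.InitialDetectionTime -gt $state.LastUpdated })
    if ($after.Count -gt 0) {
        "$($after.Count) detection(s) logged after $($state.Version) was installed; still firing."
    } else {
        "No detections since $($state.Version) was installed."
    }
}
```

Run it again after reopening the affected apps (or after the reboot suggested above) so that any new detections have a chance to be logged before the comparison.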
As this issue is widespread and causing panic among Windows users worldwide, we will likely see a new update fixing the problem within a few hours, if not sooner.
At this time, there has been no formal confirmation of the issue from Microsoft.