Wednesday, February 1, 2023

Windows Defender is reporting a false-positive threat ‘Behavior:Win32/Hive.ZY’; it’s nothing to be worried about

  • Windows Defender is alerting users to a “threat detected” for “Behavior:Win32/Hive.ZY”
  • The issue is tied to a recent listing in Microsoft’s Defender update file, which is making a mistaken detection
  • The trigger appears tied to Defender detecting “Electron-based or Chromium-based applications as malware”
  • Microsoft is expected to patch/update Microsoft Defender to alleviate the problem

Update #1 (1:50 PM ET): According to the Microsoft support forums, the Defender Team indicated they’re investigating this and will hopefully release a patch for this soon.


This morning, a listing in Microsoft Defender’s database (and even Windows Update) is causing havoc on people’s Windows PCs.

People on Reddit are “freaking out” over not just a reported threat from Microsoft Defender but one that keeps popping up and recurring despite the alleged threat being blocked.

The threat is revealed in a pop-up message noting that “Behavior:Win32/Hive.ZY” has been detected and is listed as “severe.” However, after taking action to rectify the issue, it doesn’t go away, and the user will keep receiving the same prompt. The reminder may return after 20 seconds, with the cycle repeating endlessly.

We experienced the issue on one PC; see the screenshots below.

The actual threat is only noted as “This generic detection for suspicious behaviors is designed to catch potentially malicious files.”

The good news is that your computer, should you be experiencing this problem, is not infected with any virus or malware. This detection appears to be a false positive, according to a Microsoft Support forum, where a listing in Microsoft Defender’s database incorrectly reports activity as dangerous.

From DaveM121, an Independent Advisor:

“This does appear to be a false positive, it is a bug currently being reported by lots of people at the moment, it seems to be related to all Chromium based web browsers and Electron based apps like Whatsapp, Discord, Spotify…etc.”

“This is an evolving situation with no official word from Microsoft yet, but seems to be caused by Security Intelligence Update for Microsoft Defender Antivirus – KB2267602 (Version 1.373.1508.0)”

The common thread among users experiencing this problem is the usage of “Electron-based or Chromium-based applications,” including Google Chrome, Microsoft Edge, and anything that runs Visual Studio Code.

The issue appears to originate from Defender’s Definition/Update Version 1.373.1508.0, meaning Microsoft needs to update that file, and the issue should be resolved.
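
For administrators who want to check an endpoint against the details reported above, the following read-only PowerShell triage is an added example, not part of the original article or any Microsoft guidance. It uses the standard Defender cmdlets and takes the definition version and detection name from this article; the variable names are illustrative.

```powershell
# Added example: read-only triage, changes no Defender settings.
# The two constants are the values named in the article.
$AffectedVersion = [version]'1.373.1508.0'
$ThreatName      = 'Behavior:Win32/Hive.ZY'

$status  = Get-MpComputerStatus
$current = [version]$status.AntivirusSignatureVersion

# Get-MpThreat holds the threat catalog entry; its ThreatID links to the
# individual detection events returned by Get-MpThreatDetection.
$ids = @(Get-MpThreat | Where-Object ThreatName -eq $ThreatName |
         ForEach-Object ThreatID)
$hits = @(Get-MpThreatDetection |
          Where-Object { $ids -contains $_.ThreatID } |
          Sort-Object InitialDetectionTime)

# Gaps between consecutive detections, in seconds. The article describes the
# alert returning after about 20 seconds, so short, regular gaps match it.
$gaps = @(for ($i = 1; $i -lt $hits.Count; $i++) {
    ($hits[$i].InitialDetectionTime -
     $hits[$i - 1].InitialDetectionTime).TotalSeconds
})
$medianGap = if ($gaps.Count) {
    @($gaps | Sort-Object)[[int][math]::Floor($gaps.Count / 2)]
} else { $null }

# One summary object per machine, suitable for Export-Csv across a fleet.
[pscustomobject]@{
    ComputerName      = $env:COMPUTERNAME
    SignatureVersion  = $current
    SignatureUpdated  = $status.AntivirusSignatureLastUpdated
    OnAffectedVersion = ($current -eq $AffectedVersion)
    DetectionCount    = $hits.Count
    FirstDetection    = ($hits | Select-Object -First 1).InitialDetectionTime
    LastDetection     = ($hits | Select-Object -Last 1).InitialDetectionTime
    MedianGapSeconds  = $medianGap
}

# Which processes were flagged. The article ties the alerts to Chromium-based
# and Electron-based applications, so those are the names to expect here.
$hits | Group-Object ProcessName | Sort-Object Count -Descending |
    Select-Object Count, Name
```

A machine on the affected definition version whose detections all name browser or Electron processes matches the pattern described in this article; detections of the same name against other processes, or on a different definition version, fall outside it and should be investigated as normal.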

So far, Microsoft has not publicly commented on the issue since it is a holiday weekend in the US. There may be an extended delay in getting the update pushed out to millions of likely affected computers.

We’ll update this article accordingly if there are any new solutions or comments from Microsoft.
