Elain Brown Tech 09.04.2022 21:Sep PM EDT

Microsoft Defender Update Wrongfully Detects Chrome, Edge, Discord As 'Malicious'

The Microsoft Defender update rollout wrongfully detects electron apps as malicious files.

Numerous Microsoft users around the world were disturbed by the malfunction brought on by the update that was recently rolled out on Defender.

The update was flagging major applications like Discord, Microsoft, Edge, Google Chrome, and numerous other electron app, as a malicious file called "Win32/Hive.ZY".

Concerns have been voiced by users on social media platforms such as Twitter and Reddit regarding the notifications that they receive from Windows Defender regarding the presence of a persistent virus threat.

It appeared that the detected threat was "Behavior:Win32/Hive.ZY," and detections appeared every time the user opened their browser or any Electron application.

Microsoft Defender's 'Win32/Hive.ZY' Problem

The Microsoft Defender update caused havoc to its users over the weekend.

When opened in Windows, Discord, Microsoft, Edge, Google Chrome, and other Electron applications are incorrectly identified as being infected with "Win32/Hive.ZY" due to a flawed update to the signature database used by Microsoft Defender.

After Microsoft released Defender signature update 1.373.1508.0, users began to notice an unusual occurrence in their devices.

The update that caused this problem was supposed to be released in order to fix two newly detected threats in Defender, one of which was "Win32/Hive.ZY."

Microsoft Defender Antivirus flags "Win32/Hive.ZY" as a malicious threat to its users.

The software company then rolled out the 1.373.1508.0 update to prevent its users from the potential of having their devices and systems compromised.

According to Microsoft, the Defender update is described by the company as a generic detection for suspicious activities. This feature is intended to identify files that could be harmful to the system.

The company informed its customer base that it had discovered the vulnerability and cautioned them to check the integrity of any files they downloaded or received over email by ensuring that they came from reputable sources before opening them.

The user's device is being incorrectly identified as infected despite the fact that Microsoft Defender will continue to display these detections whenever apps are accessed. It is vital to keep in mind that this is a false positive and that the detections are being made in error.

Microsoft Defender Update

Microsoft has received these complaints and quickly addressed its enormous user base by saying that they are investigating the problem and will release a patch soon.

Since these problems can only be corrected by a server-side update from Microsoft's end, there is not much that users can do to fix the false positive errors that are caused by Windows Defender.

It appears that the trigger is connected to Defender, allowing a malicious detection of a program that is based on Electron or Chromium.

As of writing, there has been word spreading that a patch is now live and available, although Microsoft has not yet had an official confirmation for the release. However, users can check their own systems to see if their devices currently have the rollout.

According to BleepingComputer, "To check for new security intelligence updates, Windows users can search for and open Windows Security from the Start Menu, click Virus & threat protection, and then click on Check for updates under Virus & threat protection updates."

Users are also encouraged to restart Windows after installing the latest security update in order to determine whether or not this resolves the false positive issue.