If your computer is still experiencing the issue, you can download the latest virus definitions directly from Microsoft's website, and install them manually. The current version, at the time of writing this article, is 1.373.1567.0. Chances are that your system might already have a newer version, in which case, it should have solved the issue. You may install the definitions update from the Windows Security app's Virus & Threat Protection > Protection Updates screen. Version: 1.373.1537.0 (and above) resolves this issue. The Redmond company has already issued a fix for the false positive detection, and has advised users to update to the latest definitions. The virus definition update in question was rolled out to users yesterday, and a bug in the database was incorrectly flagging Chromium-based apps as malware. What caused the false-positive issue?Ī moderator on Microsoft's Discord community has explained that the Win32/Hive.ZY false positive issue originated in the Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.373.1508.0). One thing that is worth noting is that these programs have something in common, they are all based on Chromium or Electron. So, why were these apps triggering the warning? Were they infected? No, they weren't. Closing these apps caused the notifications to stop. Some users mentioned they had noticed that the problem seemed to have occurred only when they tried to run specific apps such as Chrome, Edge, Spotify, Discord, to name a few. These repeated notifications caused further confusion among users, who began to worry whether this was a severe infection like ransomware, and began scanning their computers using third-party tools such as Malwarebytes Anti-Malware. Win32/Hive.ZY is listed on Microsoft Security Intelligence's threat database as a generic detection.Įven though the antivirus had quarantined the threat, the same notification would reappear after about a minute or two. Screenshots of the notification tell us that the malware was described as a dangerous program that executes commands from an attacker. Windows Defender displayed a notification which said that the threat had been removed from the device. This is what happened according to people who experienced the issue. Naturally, this caused panic among users who didn't know how their computer got infected, hundreds of them sought help via social networks and forums. The virus was identified as Win32/Hive.ZY. Yesterday, many Windows users woke up to a notification from Windows Defender, the default antivirus in the OS, had alerted them that it had detected a malware on their system. Followed by this is the report of flagging the Office updates as ransomware threats.Windows Defender detects Win32/Hive.ZY virus on many computers Google Chrome update was flagged earlier this year and said that it can potentially harm your computers, as reported by Microsoft. The only solution is to update the Microsoft Windows Defenders to be patched through a server-side.įor this year, Windows Defender experienced problems like this for the third consecutive time already. Fixing Behavior:Win32/Hive.ZYĪs it was only just a false-positive error, there is nothing much users can do to resolve this problem. While the whole thing was just a bug, this reminded the people that backing up your files regularly is a necessity as some users who experienced this problem already formatted their own personal computers fearing of catching viruses. The report also contains tests and observations where they found that Windows Defender with Windows 10 and Windows 11 was flagging the apps mentioned above. Windows Latest report shows that users who have been affected by this are automatically shown the aforementioned error while the Defender's regular scanning is happening. While no confirmations have been said by Microsoft during the discussion, the advisor stated that "It seems to be caused by Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.373.1508.0),". In Microsoft Support Forum, an independent advisor named DavidM121 reached out to a concerned user. This means no virus or malware was detected and infected the computers and laptops that received this message. Windows Defender detected false positives on all Chromium- and Electron-based apps after the latest updates, including Google Chrome, Chromium Edge, Discord, and more. Also Read: Card-Skimming Malware Have Changed Tactics Throughout the Years, Microsoft Says
0 Comments
Leave a Reply. |