Article 63BKM Microsoft Defender Mistakenly Detects Electron-Based Apps as Malware

Microsoft Defender Mistakenly Detects Electron-Based Apps as Malware

by
janrinok
from SoylentNews on (#63BKM)

An Anonymous Coward writes:

Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps

A recent bug in security intelligence updates for Microsoft Defender is causing it to incorrectly detect Chrome-based browsers and other Electron-based apps as potential malware. Microsoft Edge and other such apps are flagged as suspicious, reporting the threat as Behavior:Win32/Hive.ZY. The issue seems to be resolved when upgrading to version 1.373.1537.0 of the security intelligence updates, and the changelog reports an update to the threat detection for Behavior:Win32/Hive.ZY. After updating Microsoft Defender's security intelligence, the false positive disappears, and no further action is needed.

The false positive appears to be linked to detecting behaviors that would indicate the presence of Hive ransomware. It's obviously a good thing to detect Hive ransomware and block it, but this panicked many users over the weekend whose computers warned them upon opening many trusted applications. Details are scarce as to what went wrong in the Microsoft Defender definitions and how the false positive occurred, but the issue seems to have been resolved with the latest definitions.

Although Microsoft Edge does not contain the Hive ransomware, some users might suggest that Edge was correctly identified as malware, and that the rest of Windows should have been flagged as well.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments