October 1, 2022

COSFONE

Networking, PBX, IT, DIY Solution

Windows Defender falsely reports Chromium and Electron as malware.


Recently, a large number of Windows users reported in forum discussions that whenever they start any Chromium-based program, Windows Defender pops up a notification saying that the win32/hive.zy malware has been found and removed.

A user named Apptils Horray said it is a good thing that Windows Defender antivirus software can detect Hive ransomware and warn users about it, but that the repeated pop-up notification is really annoying: “I’d rather get rid of whatever is causing it in the first place”.

To get rid of the warning, Horray tried an offline scan, but that didn’t solve the problem.

Horray later tried Malwarebytes. The notification no longer popped up, but Horray thinks “it’s doing the exact same thing as Windows Defender, catches it every time, just doesn’t tell me”.

It all happened without warning: the user just woke up from sleep, turned on the computer, and this happened.

The post drew a strong response, with many users saying they had the same problem.

After some discussion and expert diagnosis, it was confirmed that the issue was a false positive from Windows Defender, possibly triggered by a recent browser update.

Since then, Microsoft officials have also become aware of the problem, and its antimalware product update log recorded eight updates to Windows Defender on September 4 to address the issue. Currently, version 1.373.1537.0 has fixed the issue.

Hi Apptils,

I’m Dave and I’ll help you with this.

This appears to be a false positive, a bug currently being reported by hundreds of people, and it appears to be related to all Chromium-based web browsers and Electron-based apps like WhatsApp, Discord, Spotify, etc.

This is an evolving situation, no official word from Microsoft yet, but it appears to be caused by the Security Intelligence Update for Microsoft Defender Antivirus – KB2267602 (version 1.373.1508.0).

Update: on Twitter, I see that Microsoft is aware of this and hopes to fix it soon.

Update: Indication from Microsoft Agent that a fix has been released (Version: 1.373.1537.0)

In Windows 10, select Check for Updates in the Windows Security Virus & Threat Protection screen to check for the latest updates.

Offline installers are available at these links:

64-bit download: https://go.microsoft.com/fwlink/?LinkID=121721&arch=x64

32-bit download: https://go.microsoft.com/fwlink/?LinkID=121721&arch=x86

IMPORTANT: Please don’t click “Allow a threat” via Defender as some people in this thread have su
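
The version check described above can also be done from PowerShell. This is an added example, not part of the original post or the forum reply. It treats every build from 1.373.1508.0 up to, but not including, 1.373.1537.0 as affected, which is an assumption; the page names only those two versions.

```powershell
# Added example; version numbers are the ones quoted on this page.
$FirstBad = [version]'1.373.1508.0'   # update the reply names as the apparent cause
$Fixed    = [version]'1.373.1537.0'   # build the page reports as fixed

function Test-AffectedSignature {
    param([Parameter(Mandatory)][version]$Current)
    # Assumption: all builds from the first bad one up to the fix are affected.
    return ($Current -ge $FirstBad -and $Current -lt $Fixed)
}

# Read the security intelligence version Defender is currently using.
$status  = Get-MpComputerStatus
$current = [version]$status.AntivirusSignatureVersion
Write-Output "Security intelligence: $current (updated $($status.AntivirusSignatureLastUpdated))"

if (Test-AffectedSignature -Current $current) {
    Write-Output 'In the affected range; requesting a definition update.'
    Update-MpSignature
    $current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
    Write-Output "Now at $current"
}

# List recorded detections whose name matches the one in the notification,
# so the flagged processes and paths can be reviewed before deciding anything.
$hiveIds = Get-MpThreat |
    Where-Object { $_.ThreatName -like '*Hive.ZY*' } |
    Select-Object -ExpandProperty ThreatID

Get-MpThreatDetection |
    Where-Object { $hiveIds -contains $_.ThreatID } |
    Sort-Object InitialDetectionTime |
    Select-Object InitialDetectionTime, ProcessName, Resources
```

Run it in an elevated PowerShell session; detections that stop appearing once the machine is on the fixed build are consistent with the false positive described here.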


