Microsoft Defender incorrectly reports Behavior:Win32/Hive.ZY in Chrome, Edge and Electron

Microsoft has released a problematic Microsoft Defender signature database update that causes the antivirus to erroneously identify Google Chrome, Microsoft Edge, Discord, and other Electron-based applications as a “Behavior: Win32/Hive.ZY” threat. This reportedly started after the installation of signature databases 1.373.1508.0 on September 4th, but does not affect all users.

Another problem is that notifications about the threat “Behavior: Win32/Hive.ZY” appear endlessly every time you open applications. Some users also report that even blocking the threat does not help, and notifications about it continue to come every 20 seconds.

If you encounter this problem, then know that in fact your computer is not infected with a virus or any kind of malware. We are dealing with a false positive antivirus. The Microsoft Defender team is investigating the issue and will likely release a patched version of the signature databases soon.

Leave a Reply

Your email address will not be published.