Privacy Ninja

Microsoft Defender Falsely Detects Win32/Hive.ZY in Google Chrome, Electron Apps

Microsoft Defender Falsely Detects Win32/Hive.ZY in Google Chrome, Electron Apps

A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows.

The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY.

“This generic detection for suspicious behaviors is designed to catch potentially malicious files. If you downloaded a file or received it through email, ensure that it is from a reliable source before opening it,” reads the Microsoft detection page for Win32/Hive.ZY.

Also Read: 4 Best Practices On How To Use SkillsFuture Credit

According to BornCity, the false positive is widespread, with users reporting on BleepingComputerTwitter, and Reddit that the detections appear each time they open their browser or an Electron app.

Microsoft Defender falsely detecting Win32/Hive.ZY
Microsoft Defender falsely detecting Win32/Hive.ZY
Source: Twitter

Even though Microsoft Defender will continuously display these detections when apps are opened, it is important to note that this is a false positive, and your device is mistakenly being detected as infected.

Microsoft has since released two new Microsoft Defender security intelligence updates, the latest being 1.373.1518.0.

While this signature update does not display Win32/Hive.ZY detections in BleepingComputer’s tests, other users report that they continue to receive false positives.

To check for new security intelligence updates, Windows users can search for and open Windows Security from the Start Menu, click Virus & threat protection, and then click on Check for updates under Virus & threat protection updates.

Also Read: 3 Reasons Why You Must Take A PDPA Singapore Course

Currently installed Microsoft Defender security intelligence versions
Currently installed Microsoft Defender security intelligence versions
Source: BleepingComputer

While it is usually not required, in this case, it may be helpful to reboot Windows after installing the new security intelligence update to see if it resolves the false positive.

As this issue is widespread and causing panic among Windows users worldwide, we will likely see a new update fixing the problem within a few hours, if not sooner.

At this time, there has been no formal confirmation of the issue from Microsoft.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us