Security platform Microsoft Defender has been incorrectly serving users of apps such as Google Chrome, Discord, and Twitch with false positive security alerts.
Users are getting a message, known as “Behavior:Win32/Hive.ZY”, which Microsoft says is used to signal potentially malicious files often downloaded via channels such as email.
Perhaps reassuringly, “Hive” is the name of a ransomware-as-service (RaaS) operation which was implicated as the perpetrator of an attack on European consumer electronics retailer Media Markt in September 2021.
The bug has reportedly been addressed in Microsoft Defender update version 1.373.1537.0.
Users began reporting the bug on Micorosft support forums after the release of a Security Intelligence Update name KB2267602.
The timing of the update was also seemingly quite unfortunate, Microsoft US was enjoying a long holiday weekend for the Labor .
This wouldn’t be the first instance of Microsoft’s firewall reporting erroneous false positives about Chrome
Back in the dark ages of 2011, Microsoft Security Essentials and Microsoft Forefront labeled a Chrome executable as the ZeuS trojan which was aimed at stealing users’ bank logins.
The issue reportedly left users unable to use Chrome for hours.
Not happy with Windows Defender? Checkout our guide to the best antivirus software