Google Chrome not working? Microsoft Defender may be to blame
A Microsoft Defender update caused users to experience false positives
Security platform Microsoft Defender has been incorrectly serving users of apps such as Google Chrome, Discord, and Twitch with false positive security alerts.
Users are getting a message, known as “Behavior:Win32/Hive.ZY”, which Microsoft says is used to signal potentially malicious files often downloaded via channels such as email.
Perhaps reassuringly, “Hive” is the name of a ransomware-as-a-service (RaaS) operation which was implicated as the perpetrator of an attack on European consumer electronics retailer Media Markt in September 2021.
What now?
The bug has reportedly been addressed in Microsoft Defender update version 1.373.1537.0.
Users began reporting the bug on Microsoft support forums after the release of a Security Intelligence Update named KB2267602.
The timing of the update was also seemingly quite unfortunate: Microsoft US was enjoying a long holiday weekend for Labor Day.
The common denominator of the apps impacted is that they are running Google’s open-source Chromium browser engine or the Electron JavaScript framework, an open-source software framework used by apps such as WhatsApp, Yammer, and Visual Studio Code.
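For administrators triaging affected machines, the following PowerShell is an added example, not part of the original article or Microsoft's guidance. It uses the built-in Defender cmdlets to compare the installed security intelligence version with the fixed version named above and to list recorded detections carrying the reported name; the variable names are illustrative.

```powershell
# Added example: triage for the false positive described in the article.
# Run in an elevated PowerShell session on a Windows host with the Defender module.
$fixedVersion = [version]'1.373.1537.0'     # fixed version reported in the article
$threatName   = 'Behavior:Win32/Hive.ZY'    # detection name reported in the article

# Compare the installed security intelligence version with the fixed one
$current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
if ($current -lt $fixedVersion) {
    Write-Output "Security intelligence $current predates $fixedVersion; updating."
    Update-MpSignature
    $current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
}
Write-Output "Security intelligence version now: $current"

# Resolve the detection name to Defender threat IDs known on this host
$ids = Get-MpThreat |
    Where-Object { $_.ThreatName -eq $threatName } |
    Select-Object -ExpandProperty ThreatID

# List each recorded detection with the process and resources it flagged,
# so every hit can be reviewed individually rather than dismissed in bulk
$hits = Get-MpThreatDetection | Where-Object { $ids -contains $_.ThreatID }
if (-not $hits) {
    Write-Output "No recorded detections named $threatName on this host."
}
foreach ($hit in $hits) {
    [pscustomobject]@{
        Detected  = $hit.InitialDetectionTime
        Process   = $hit.ProcessName
        Resources = $hit.Resources -join '; '
    }
}
```

Hits whose process or resources are not one of the Chromium or Electron apps described above fall outside the pattern the article reports and warrant a closer look.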
This wouldn’t be the first instance of Microsoft’s firewall reporting false positives about Chrome.
Back in the dark ages of 2011, Microsoft Security Essentials and Microsoft Forefront labeled a Chrome executable as the ZeuS trojan, which was aimed at stealing users' bank logins.
The issue reportedly left users unable to use Chrome for hours.
More recently, a number of Windows system admin reports demonstrated that Microsoft Defender for Endpoint had tagged browser updates made via the Google Update service as suspicious.
Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.