- Windows Defender is alerting people of a “threat detected” for “Behavior:Win32/Hive.ZY”
- The issue is tied to a recent listing in Microsoft’s Defender update file, which is making a mistaken detection
- The trigger seems tied to Defender detecting “Electron-based or Chromium-based applications as malware”
- Microsoft is expected to patch/update Microsoft Defender to alleviate the issue
Update #1 (1:50 PM ET): According to the Microsoft support forums, the Defender Team indicated they’re investigating this and will hopefully release a patch for this soon.
This morning, a listing in Microsoft Defender’s database (and even Windows Update) is causing havoc on people’s Windows PCs.
People on Reddit are “freaking out” over not just a reported threat from Microsoft Defender but one that keeps popping up and recurring despite the alleged threat being blocked.
The threat is revealed in a pop-up message noting that “Behavior:Win32/Hive.ZY” has been detected and is listed as “severe.” However, after taking action to rectify the issue, it does not go away, and the user will keep receiving the same prompt. The reminder may return after 20 seconds, with the cycle repeating endlessly.
We experienced the issue on one PC; see the screenshots below.
The exact threat is only noted as “This generic detection for suspicious behaviors is designed to catch potentially malicious files.”
The good news is that your computer, should you be experiencing this problem, is not infected with any virus or malware. This detection appears to be a false positive, according to a Microsoft Support forum, where a listing in Microsoft Defender’s database incorrectly reports activity as dangerous.
From DaveM121, an Independent Advisor:
“This does appear to be a false positive, it’s a bug currently being reported by hundreds of people at the moment, it seems to be related to all Chromium based web browsers and Electron based apps like Whatsapp, Discord, Spotify…etc.”
“This is an evolving situation with no official word from Microsoft yet, but seems to be caused by Security Intelligence Update for Microsoft Defender Antivirus – KB2267602 (Version 1.373.1508.0)”
The common thread among users experiencing this problem is the usage of “Electron-based or Chromium-based applications,” including Google Chrome, Microsoft Edge, and anything that runs Visual Studio Code.
The problem seems to originate from Defender’s Definition/Update Version 1.373.1508.0, meaning Microsoft needs to update that file, and the issue should be resolved.
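To check whether a given PC matches this pattern, the PowerShell below (an added example, not from Microsoft or the original article) compares the installed definition version with 1.373.1508.0 and groups recorded Behavior:Win32/Hive.ZY detections by the process Defender attributed them to. It assumes the built-in Defender cmdlets are available and that the session has rights to read detection history.

```powershell
# Added example: triage one host for the Behavior:Win32/Hive.ZY false positive.
# The affected definition version and the detection name come from the article.
$AffectedVersion = [version]'1.373.1508.0'
$DetectionName   = 'Behavior:Win32/Hive.ZY'

# Installed Security Intelligence (definition) version and its age.
$status    = Get-MpComputerStatus
$installed = [version]$status.AntivirusSignatureVersion

[pscustomobject]@{
    InstalledDefinitions = $installed
    LastUpdated          = $status.AntivirusSignatureLastUpdated
    OnAffectedVersion    = ($installed -eq $AffectedVersion)
}

# Threat IDs that Defender has recorded under this detection name.
$threatIds = @(Get-MpThreat |
    Where-Object { $_.ThreatName -eq $DetectionName } |
    Select-Object -ExpandProperty ThreatID)

if ($threatIds.Count -eq 0) {
    Write-Output "No $DetectionName detections recorded on this host."
}
else {
    # Group detections by attributed process. For the false positive described
    # above, the processes are expected to be Chromium or Electron applications.
    Get-MpThreatDetection |
        Where-Object { $threatIds -contains $_.ThreatID } |
        Group-Object -Property ProcessName |
        Sort-Object -Property Count -Descending |
        Select-Object Count,
            @{ Name = 'Process'
               Expression = { $_.Name } },
            @{ Name = 'FirstSeen'
               Expression = { $_.Group.InitialDetectionTime | Sort-Object | Select-Object -First 1 } },
            @{ Name = 'LastSeen'
               Expression = { $_.Group.InitialDetectionTime | Sort-Object | Select-Object -Last 1 } }
}
```

Detections attributed to processes other than browsers or Electron apps, or detections that continue after the definitions have moved past the affected version, do not fit the pattern described here and should be investigated as normal alerts.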
So far, Microsoft has not publicly commented on the problem as it is a holiday weekend in the United States. There could be an extended delay in getting the update pushed out to millions of potentially affected computers.
We’ll update this article accordingly if there are any new solutions or comments from Microsoft.