Microsoft releases fix for Behavior:Win32/Hive.ZY error in Windows Defender

王林
2023-04-28 16:01:06

A Microsoft official has confirmed widespread reports that Google Chrome, Chromium Edge, Discord and several other applications were flagged as "Behavior:Win32/Hive.ZY" by Windows Defender, Microsoft's built-in antivirus software. The tech giant confirmed in a statement that it is working on a fix that will be rolled out to everyone in the next few hours.

So what exactly is "Behavior:Win32/Hive.ZY"? According to a document posted on the Microsoft Security Portal, any file marked "Behavior:Win32/Hive.ZY" is a threat with suspicious behavior. It is used to flag potentially malicious files, especially those downloaded via email.

This notification appears to have been added in Defender version 1.373.1508.0. Your app may be flagged as malicious by:

  • Microsoft Defender Antivirus for Windows 10, Windows 11, and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista.
  • Microsoft Security Scanner.

We have received confirmation from Microsoft that this activity is a false positive, but it is a separate problem for companies like Google and Discord, as customers are apparently turning to them for support.

We have seen reports that affected users are automatically shown the above error during regular scans of Defender.

"Docker Desktop downloaded from their website or installed via WinGet reported "Behavior: Win32/Hive.ZY" in this morning's security update. This prevents Docker Desktop from being updated via WinGet or within the application option to upgrade and resulted in many, many, many false warnings," noted one affected user.

In our testing, we observed Windows Defender on Windows 10 and Windows 11 flagging Chromium-based apps and other apps like Discord as "Win32/Hive.ZY." If you are affected, you can easily reproduce the bug if you kill Edge, Chrome, or any process that triggers it and launch the app again.

If the app keeps running in the background, the error will pop up again over time.

"Alerts appear when opening new pages in Chrome, but not all. Even microsoft.com when I click Learn more under Protect History. Started happening today, probably on Windows after Defender updates. The culprit is always one of Chrome's PIDs," another user pointed out.

Microsoft Releases Fix for Behavior:Win32/Hive.ZY

You cannot fix false positives in Windows Defender yourself, because they can only be patched through server-side updates from Microsoft. Thankfully, Microsoft officials tell us they've begun investigating the issue and have released a potential fix.

The fix is rolling out in version 1.373.1537.0. To fix Behavior:Win32/Hive.ZY, follow these steps:

  1. Search for "Windows Security" in Windows Search.
  2. Navigate to Virus & Threat Protection.
  3. Check for updates.
  4. Restart.
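
The same check can be done from PowerShell. This is an added example, not part of the original article: it compares the installed security intelligence version with the two versions the article quotes, pulls new definitions if the fix is missing, and lists which processes were flagged. It uses the built-in Defender cmdlets and assumes an elevated session; the function name and state labels are hypothetical.

```powershell
# Added example. Version numbers and threat name are the ones quoted in the article.
$FirstBad = [version]'1.373.1508.0'   # version in which the detection appeared
$Fixed    = [version]'1.373.1537.0'   # version reported to carry the fix
$Threat   = 'Behavior:Win32/Hive.ZY'

# Hypothetical helper: classify an installed version against the two above.
function Get-HiveZyState {
    param([Parameter(Mandatory)][version]$Installed)
    if ($Installed -ge $Fixed)    { return 'Fixed' }
    if ($Installed -ge $FirstBad) { return 'Affected' }
    return 'OlderThanAffected'
}

$installed = [version](Get-MpComputerStatus).AntivirusSignatureVersion
$state     = Get-HiveZyState -Installed $installed
Write-Output "Security intelligence $installed : $state"

if ($state -ne 'Fixed') {
    # Same effect as "Check for updates" in Windows Security.
    Update-MpSignature
    $installed = [version](Get-MpComputerStatus).AntivirusSignatureVersion
    Write-Output "After update: $installed : $(Get-HiveZyState -Installed $installed)"
}

# Detections are stored by ThreatID, so resolve the name to its ID(s) first.
$ids = @(Get-MpThreat |
    Where-Object { $_.ThreatName -eq $Threat } |
    Select-Object -ExpandProperty ThreatID)

# Which processes were flagged, and when. A LastHit that stops shortly
# after the update indicates the false positive is no longer firing.
Get-MpThreatDetection |
    Where-Object { $ids -contains $_.ThreatID } |
    Group-Object ProcessName |
    ForEach-Object {
        $times = $_.Group.InitialDetectionTime | Sort-Object
        [pscustomobject]@{
            Process  = $_.Name
            Hits     = $_.Count
            FirstHit = $times | Select-Object -First 1
            LastHit  = $times | Select-Object -Last 1
        }
    } |
    Sort-Object Hits -Descending |
    Format-Table -AutoSize
```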

If you don’t see the update when you check for updates, you can also manually download the fix from the given links:

  • 64-bit download
  • 32-bit download

This is the third such incident involving Windows Defender. Earlier this year, some Google Chrome updates were flagged by Microsoft as potentially harmful. A similar incident was reported in March, when the company flagged its own Office updates as a ransomware threat.

Similar incidents also occurred in 2021. In fact, Defender blocked Office apps and applications due to Emotet malware.

Statement:
This article is reproduced from yundongfang.com. If there is any infringement, please contact admin@php.cn to have it deleted.