[Update: Fix is live] Windows Defender is reporting a false-positive threat ‘Behavior:Win32/Hive.ZY’; it’s nothing to be worried about
- Windows Defender is alerting users of a “threat detected” for “Behavior:Win32/Hive.ZY”
- The issue is tied to a recent listing in Microsoft’s Defender update file, which is generating an erroneous detection
- The cause appears to be tied to Defender detecting “Electron-based or Chromium-based applications as malware”
- Microsoft is expected to patch/update Microsoft Defender to resolve the situation
Update #1 (1:50 PM ET): According to the Microsoft support forums, the Defender Team indicated they are investigating this and will hopefully release a patch for this soon.
Update #2 (7:50 PM ET): According to Microsoft support forums, “indications from a Microsoft Agent is a fix has been released (Version: 1.373.1537.)”
In Windows 10/11, select Check for updates in the Windows Security Virus & threat protection screen to check for the latest updates.
Offline installers are available from these links:
64-bit download:
https://go.microsoft.com/fwlink/?LinkID=121721&arch=x64
32-bit download:
https://go.microsoft.com/fwlink/?LinkID=121721&arch=x86
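To confirm from PowerShell that a machine has picked up the fixed definitions, the following added example (not Microsoft's code and not part of the original article) reads the installed security intelligence version with the built-in Defender cmdlets, updates if needed, and lists any recorded detections with this name. The version constants are the ones quoted in this article with the trailing revision left off, and the state labels and the `Get-DefinitionState` helper are names made up for this example.

```powershell
# Added example; run in an elevated PowerShell session on Windows 10/11.
# Versions are the ones quoted in the article (trailing revision omitted).
$badVersion   = [version]'1.373.1508'   # update reported as causing the false positive
$fixedVersion = [version]'1.373.1537'   # update reported as containing the fix
$threatName   = 'Behavior:Win32/Hive.ZY'

# Hypothetical helper: classify the installed definition version.
function Get-DefinitionState {
    param([version]$Installed, [version]$Bad, [version]$Fixed)
    if ($Installed -ge $Fixed) { 'HasFix' }
    elseif ($Installed.ToString(3) -eq $Bad.ToString(3)) { 'ReportedBadBuild' }
    else { 'OlderThanFix' }
}

$status    = Get-MpComputerStatus
$installed = [version]$status.AntivirusSignatureVersion
$state     = Get-DefinitionState $installed $badVersion $fixedVersion
"Installed security intelligence: $installed (updated $($status.AntivirusSignatureLastUpdated)) -> $state"

# Pull current definitions if the fixed version is not installed yet.
if ($state -ne 'HasFix') {
    Update-MpSignature
    $installed = [version](Get-MpComputerStatus).AntivirusSignatureVersion
    "After update: $installed -> $(Get-DefinitionState $installed $badVersion $fixedVersion)"
}

# Show when the detection fired and which process it was attributed to.
$threat = Get-MpThreat | Where-Object ThreatName -eq $threatName
if ($threat) {
    Get-MpThreatDetection |
        Where-Object ThreatID -in $threat.ThreatID |
        Sort-Object InitialDetectionTime |
        Select-Object InitialDetectionTime, ProcessName, Resources
} else {
    "No $threatName entries in Defender's threat history."
}
```

If the detection times stop after the definitions move to the fixed version, the recurring prompt was the definition issue described here.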
This morning, a listing in Microsoft Defender’s database (or even Windows Update) is causing havoc on people’s Windows PCs.
People on Reddit are “freaking out” about not just a claimed threat from Microsoft Defender but one that keeps popping up and recurring despite the alleged threat being blocked.
The threat is shown in a pop-up message noting that “Behavior:Win32/Hive.ZY” has been detected and is listed as “severe.” However, after taking action to rectify the issue, it does not go away, and the user will keep receiving the same prompt. The reminder may return after 20 seconds, with the cycle repeating endlessly.
We experienced the issue on one computer; see the screenshots below.
The actual threat is only noted as “This generic detection for suspicious behaviors is designed to catch potentially malicious files.”
The good news is that your computer, should you be experiencing this problem, is not infected with any virus or malware. This detection appears to be a false positive, according to a Microsoft Support forum, where a listing in Microsoft Defender’s database incorrectly reports activity as harmful.
From DaveM121, an Independent Advisor:
“This does seem to be a false positive, it is a bug now being reported by hundreds of people at the moment, it seems to be related to all Chromium-based web browsers and Electron-based apps like Whatsapp, Discord, Spotify…etc.”
“This is an evolving problem with no official word from Microsoft yet, but would seem to be caused by Security Intelligence Update for Microsoft Defender Antivirus – KB2267602 (Version 1.373.1508.)”
The common thread among users experiencing this issue is the use of “Electron-based or Chromium-based applications,” which includes Google Chrome, Microsoft Edge, and anything that runs Visual Studio Code.
The problem appears to originate from Defender’s Definition/Update Version 1.373.1508., which means Microsoft needs to update that file, and the problem should be resolved.
So far, Microsoft has not publicly commented on the issue as it is a holiday weekend in the United States. There could be an extended delay in getting the update pushed out to millions of potentially affected computers.
We’ll update this report accordingly if there are any new solutions or comments from Microsoft.