Windows Defender Throwing False Win32/Hive.ZY Alert

Windows users worldwide are in a panic today as Windows Defender is throwing a false Win32/Hive.ZY alert when certain popular apps (including Microsoft’s own Edge browser) are opened.

A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows.

The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0, which added two new threat detections, one of them Behavior:Win32/Hive.ZY.

Microsoft is aware of the issue and is pushing out new security intelligence updates.

To check for new security intelligence updates:

  1. Search for and open Windows Security from the Start Menu.
  2. Click Virus & threat protection.
  3. Click Check for updates under Virus & threat protection updates.
  4. Once updates are installed, restart Windows (optional but recommended).
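
The same check can be scripted with the Defender PowerShell cmdlets (`Get-MpComputerStatus`, `Update-MpSignature`, `Get-MpThreat`, `Get-MpThreatDetection`). This is an added example, not part of the original article or Microsoft's guidance; it uses only the version number and detection name given above, and because the article does not state the corrected version it only verifies that the installed version is newer than the bad one.

```powershell
# Added example. Run in an elevated PowerShell session on the affected machine.
$badVersion = [version]'1.373.1508.0'     # signature update named in the article
$falseName  = 'Behavior:Win32/Hive.ZY'    # detection name named in the article

function Get-SignatureVersion {
    # AntivirusSignatureVersion is the "security intelligence version" shown in the UI
    [version](Get-MpComputerStatus).AntivirusSignatureVersion
}

$current = Get-SignatureVersion
Write-Host "Installed security intelligence version: $current"

if ($current -le $badVersion) {
    Write-Host "Not newer than $badVersion, requesting an update..."
    try {
        Update-MpSignature -ErrorAction Stop
    } catch {
        Write-Warning "Update failed: $($_.Exception.Message)"
    }
    $current = Get-SignatureVersion
    Write-Host "Version after update attempt: $current"
}

if ($current -le $badVersion) {
    Write-Warning "Still not newer than $badVersion; retry later or check update connectivity."
}

# Show what the false positive flagged, so the entries can be reviewed
# against known-good apps (Chrome, Edge, Discord, other Electron apps).
$threats = @(Get-MpThreat -ErrorAction SilentlyContinue |
    Where-Object { $_.ThreatName -eq $falseName })

if ($threats.Count -eq 0) {
    Write-Host "No $falseName entries in Defender threat history."
} else {
    $ids = $threats.ThreatID
    Get-MpThreatDetection |
        Where-Object { $ids -contains $_.ThreatID } |
        Sort-Object InitialDetectionTime |
        Select-Object InitialDetectionTime, ProcessName, Resources |
        Format-Table -AutoSize -Wrap
}
```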

via Bleeping Computer