[Update: Fix is live] Windows Defender is reporting a false-positive threat ‘Behavior:Win32/Hive.ZY’; it’s nothing to be worried about
- Windows Defender is alerting people of a “threat detected” for “Behavior:Win32/Hive.ZY”
- The issue is tied to a recent listing in Microsoft’s Defender update file, which is making a wrong detection
- The trigger seems tied to Defender detecting “Electron-based or Chromium-based applications as malware”
- Microsoft is expected to patch/update Microsoft Defender to alleviate the issue
Update #1 (1:50 PM ET): According to the Microsoft support forums, the Defender Team indicated they are investigating this and will hopefully release a patch for this soon.
Update #2: (7:50 PM ET): According to Microsoft support forums, “indications from a Microsoft Agent is a fix has been released (Version: 1.373.1537.0)”
In Windows 10/11, select Check for updates in the Windows Security Virus & threat protection screen to check for the latest updates.
Offline installers are available from these links:
64bit downloads
https://go.microsoft.com/fwlink/?LinkID=121721&arch=x64 (opens in new tab)
32bit Download:
https://go.microsoft.com/fwlink/?LinkID=121721&arch=x86 (opens in new tab)
This morning, a listing in Microsoft Defender’s database (or even Windows Update) is causing havoc on people’s Windows PCs.
People on Reddit are “freaking out” over not just a reported threat from Microsoft Defender but one that keeps popping up and recurring despite the alleged threat being blocked.
The threat is revealed in a pop-up message noting that “Behavior:Win32/Hive.ZY” has been detected and is listed as “severe.” However, after taking action to rectify the issue, it does not go away, and the user will keep receiving the same prompt. The reminder may return after 20 seconds, with the cycle repeating endlessly.
We experienced the issue on one PC; see the screenshots below.
The actual threat is only noted as “This generic detection for suspicious behaviors is designed to catch potentially malicious files.”
The good news is that your computer, should you be experiencing this problem, is not infected with any virus or malware. This detection appears to be a false positive, according to a Microsoft…