Chromium, Electron Was Incorrectly classified As Malware By Microsoft.

by | Mar 7, 2024

It appears that Microsoft has resolved a bug that caused its Defender antivirus product to flag apps built using the Chromium browser engine and/or the Electron JavaScript framework as potentially malicious and advise users to uninstall them.

Many reports on forums and social media such as on Twitter over the weekend describe how Windows has started to issue warnings of “Behavior:Win32/Hive.ZY” when users launch common programmes like the Spotify music player or the Chrome browser.

Hive is a horrible provider of ransomware-as-a-service, so it’s fortunate that Windows Defender antivirus can identify and forewarn users about the presence of its harmful wares.

However, neither Chrome nor Spotify contain any virus or ransomware (despite their info-harvesting practices).

Users were somewhat irritated by Windows’ repeated hints to the contrary as a result.

A volunteer expert assisted in diagnosing the problem as a false positive generated by Windows Defender, potentially as a result of recent browser changes complicating things.

A rush of eight updates to Windows Defender with the date September 4th were noted in Microsoft’s changelog for antimalware programs, showing concentrated effort to fix the problem.

According to forum comments, application of version 1.373.1537.0 causes the warnings to go away.

Microsoft headquarters in the USA are likely taking advantage of a long holiday weekend because no comments have been made on the topic on the company’s social media accounts or by its spokespeople as of this writing.

Microsoft has already classified Chrome as malware; the Reg archive lists a related occurrence from 2011! Since then, Chrome has dominated the online browser industry. Additionally, Microsoft frequently releases updates or bug patches that unintentionally disrupt third-party products.