Windows Defender bug sends users Win32/Hive.ZY virus alerts
3 min. read
Updated on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Key notes
- If you are also using Windows Defender, chances are you were affected too.
- The antivirus started sending severe virus notifications on Win32/Hive.ZY.
- Microsoft, however, confirmed this was only a bug in the Defender's code.
Windows Defender is still, in the eyes of many, a very reliable solution when it comes to cybersecurity needs, so it’s no wonder that so many people still use it.
However, that doesn’t mean that this software won’t sometimes backfire, which is why you came to the right place to get something like that fixed.
By the way, if Windows Defender is missing on your Windows 11 device, we can help you with that as well, just so you know.
Yesterday, many users have reported that Windows Defender had notified them about a Win32/Hive.ZY virus on their PCs.
However, there’s no need to become anxious, as there is nobody trying to access your data. Microsoft has confirmed that a bug was causing the issue, and has already fixed it.
Defender started showing sever infection notifications
Many Windows users woke up yesterday to a pile of notifications from Windows Defender, which is the default antivirus in the Windows OS.
The software had actually alerted them that it had detected malware on their system. Let’s just say that is not what you want to see on your monitor.
This so-called virus was identified as Win32/Hive.ZY. As you imagined, this caused panic among users who didn’t know how their computers got infected.
According to what affected users had to say about this, Windows Defender displayed a notification that said that the threat had been removed from the device.
From the available screenshots, we can see that the malware was described as a dangerous program that executes commands from an attacker.
And, you should also know that Win32/Hive.ZY is actually listed on Microsoft Security Intelligence’s threat database as a generic detection.
Keep in mind that, although the antivirus immediately quarantined the threat, the same notification would reappear after about a minute or two.
These alarmingnotifications caused further confusion among users, who began scanning their computers using third-party tools such as Malwarebytes Anti-Malware.
Furthermore, some of the affected users mentioned they had noticed that the problem seemed to have occurred only when they tried to run specific apps such as Chrome, Edge, Spotify, and Discord.
What puzzled users to the brink of insanity was the fact that closing these apps caused the notifications to stop.
Also important to remember is that these applications have something in common, and that is that they are all based on Chromium or Electron.
Microsoft confirms this was only a Dender bug
Through Microsoft’s Discord community, the Redmond tech giant has explained that the Win32/Hive.ZY is nothing to get worried about.
In fact, this false positive issue originated in the Security Intelligence Update for Microsoft Defender Antivirus, which was KB2267602 (Version 1.373.1508.0).
Know that the virus definition update in question was rolled out to users yesterday, and a bug in the database was incorrectly flagging Chromium-based apps as malware.
Yes, Microsoft has already issued a fix for the false positive detection, and has advised users to update to the latest definitions. Please note that version: 1.373.1537.0 and above fixes this issue.
If by any chance, you are still experiencing the issue, you can download the latest virus definitions directly from Microsoft’s website, and install them manually.
Just to save some time, we have the download links for you right here:
Have you also received these Windows Defender notifications? Share your experience with us in the comments section below.
