How to Fix the Behavior:Win32/Hive.ZY Alert on Windows Defender
On September 5, 2022, a listing in Microsoft’s Windows Defender database showed multiple threats popping up on Windows PCs. Even when blocked, the Behavior:Win32/Hive.ZY threat reappears and confirms “Microsoft Defender Antivirus found threats”.
While the threat displays in Windows Defender as “severe”, it is in fact a false positive. And shortly after the issue appeared, Microsoft rolled out a security intelligence update that stops the alerts from popping up. While not all users are affected, if your device shows this alert, here’s how to fix it.
Users Affected by Behavior:Win32/Hive.ZY
You may notice, when opening certain apps, that they get flagged asBehavior:Win32/Hive.ZYby Windows Defender. The affected apps include Google Chrome and Chromium Edge, plus Electron-based apps like WhatsApp, Discord, and Spotify.
For example, if you open a new Chrome window (note, this does not happen when opening a new tab), the threat will appear in the bottom right-hand corner of your Windows laptop or PC.
Users who click on the notification will see the threat is marked as severe by Windows Defender, with the option toRemoveorAllow on device.
If you selectRemoveand then click onStart actions, you’ll notice that the next time you open one of the affected apps, the threat will once again pop up.
Microsoft Confirms That Behavior:Win32/Hive.ZY Is a False Positive
Many Windows 10/11 users took to the Microsoft forums looking for answers. DaveM121, an Independent Advisor for Microsoft, confirmed in response to aMicrosoft Answers question:
This does seem to be a false positive, it is a bug currently being reported by hundreds of people at the moment.
To put your mind at rest, users experiencing this issue aren’t at risk, and their devices are not infected by any kind of virus. The issue is said to have originated from Windows Defender’s security intelligence version1.373.1508.0.
How to Fix the Behavior:Win32/Hive.ZY Alert
After many reports of the Behavior:Win32/Hive.ZY alert came in, Microsoft issued a simple fix to resolve the issue.
If you are unable to see the update when taking the steps above, you canupdate Windows Defender manuallyby clicking on one of the following links.
The fix for this issue rolled out with version1.373.1537.0. However, there has since been another update to Windows Defender, so your version may appear as version 1.373.1567.0 or later.
Windows Defender Has a History of False Positives
While there is now a fix to the issue some users were experiencing with Windows Defender, this isn’t the first false positive Microsoft is guilty of flagging in 2022. In April,Defender flagged a Google Chrome update as bad, annoying plenty of people in the process.
The good news is that any potential issues are fixed very promptly by Microsoft. Windows users should continue to check for OS updates, as well as security intelligence updates to ensure their devices are protected.
The company’s purchase of RiskIQ means that Defender will soon get a powerful AI core under its hood.
My foolproof plan is to use Windows 10 until 2030, with the latest security updates.
Not Linux, not Windows. Something better.
Turn these settings on, and your iPhone will be so much better than before.
Flagship price, mid-range phone.
Now, I actually finish the books I start.
