This article is more than 1 year old

Microsoft mistakenly rated Chromium, Electron as malware

Windows Defender update fixed the mess after a weekend of false positive weirdness

Microsoft appears to have fixed a problem that saw its Defender antivirus program identify apps based on the Chromium browser engine and/or Electron JavaScript framework as malware, and suggest users remove them.

Numerous social media and forum posts made over the weekend detail how Windows has produced a warning of “Behavior:Win32/Hive.ZY” when users run everyday applications like Google’s Chrome browser or the Spotify music streamer.

Hive is a nasty ransomware-as-a-service outfit, so it’s a good thing that Windows Defender antivirus can detect and warn against the presence of its pernicious products.

But neither Spotify nor Chrome are malware or ransomware (despite their info-harvesting practices).

Users were therefore a tad miffed at Windows making constant suggestions to the contrary.

Chat in Microsoft’s forums, helped along by a volunteer expert, diagnosed the issue as a false positive produced by Windows Defender, possibly due to recent browser updates somehow confusing matters. .

Microsoft’s changelog for antimalware products recorded a flurry of eight updates to Windows Defender dated September 4th, suggesting concerted action to resolve the issue.

Version 1.373.1537.0 appears to have done the trick, as forum comments report its application causes the warnings to disappear.

Microsoft HQ in the USA is enjoying a holiday long weekend, which is probably why the company’s social feeds and representatives are silent on the matter at the time of writing.

This is not the first time Microsoft has identified Chrome as Malware: the Reg archive records a similar incident in 2011! Chrome has since gone on to dominate the web browser market. And Microsoft often introduces bug fixes or updates that have unintended consequence of breaking third-party software. ®

More about


Send us news

Other stories you might like