Skip links

Microsoft mistakenly rated Chromium, Electron, as malware

Microsoft appears to have fixed a problem that saw its Defender antivirus program identify apps based on the Chromium browser engine and/or Electron JavaScript framework as malware, and suggest users remove them.

Numerous social media and forum posts made over the weekend detail how Windows has produced a warning of “Behavior:Win32/Hive.ZY” when users run everyday applications like Google’s Chrome browser or the Spotify music streamer.

Hive is a nasty ransomware-as-a-service outfit, so it’s a good thing that Windows Defender antivirus can detect and warn against the presence of its pernicious products.

But neither Spotify nor Chrome are malware or ransomware (despite their info-harvesting practices).

Users were therefore a tad miffed at Windows making constant suggestions to the contrary.

Chat in Microsoft’s forums, helped along by a volunteer expert, diagnosed the issue as a false positive produced by Windows Defender, possibly due to recent browser updates somehow confusing matters. .

Microsoft’s changelog for antimalware products recorded a flurry of eight updates to Windows Defender dated September 4th, suggesting concerted action to resolve the issue.

Version 1.373.1537.0 appears to have done the trick, as forum comments report its application causes the warnings to disappear.

Microsoft HQ in the USA is enjoying a holiday long weekend, which is probably why the company’s social feeds and representatives are silent on the matter at the time of writing.

This is not the first time Microsoft has identified Chrome as Malware: the Reg archive records a similar incident in 2011! Chrome has since gone on to dominate the web browser market. And Microsoft often introduces bug fixes or updates that have unintended consequence of breaking third-party software. ®