What Is It?
Here is a BleepingComputer news article written by Lawrence Abrams about a current false positive / malware database (signature update) issue with Microsoft’s Windows Security / Microsoft Defender called: Microsoft Defender Falsely Detects Win32/Hive.ZY In Google Chrome, Electron Apps.
Here is a brief description of this news article:
A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows.
The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY.
“This generic detection for suspicious behaviors is designed to catch potentially malicious files.
If you downloaded a file or received it through email, ensure that it is from a reliable source before opening it,” reads the Microsoft detection page for Win32/Hive.ZY.
According to BornCity, the false positive is widespread, with users reporting on BleepingComputer, Twitter, and Reddit that the detections appear each time they open their browser or an Electron app.
John Jr's Blog 