Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Windows Bug Chrome Microsoft

Microsoft Investigates Bug That Mistakenly Flags Chromium-Based Apps as Malware (windowscentral.com) 44

Windows' "Defender" software is supposed to detect malware. But its Microsoft team is now investigating reports that it's mistakenly flagging Electron-based or Chromium-based applications — as malware.

"It's a false positive, and your computer is OK," wites the blog Windows Central: This morning, many people worldwide experienced Microsoft Defender warning them of a recurring virus threat.... People on Reddit are "freaking out" over not just a reported threat from Microsoft Defender but one that keeps popping up and recurring despite the alleged threat being blocked.

The threat is revealed in a pop-up message noting that "Behavior:Win32/Hive.ZY" has been detected and is listed as "severe." However, after taking action to rectify the issue, it does not go away, and the user will keep receiving the same prompt. The reminder may return after 20 seconds, with the cycle repeating endlessly.

This detection appears to be a false positive, according to a Microsoft Support forum... From DaveM121, an Independent Advisor: [I]t is a bug currently being reported by hundreds of people at the moment, it seems to be related to all Chromium based web browsers and Electron based apps like Whatsapp, Discord, Spotify, etc....

Also affected are Google Chrome and even Microsoft Edge, as well as "anything that runs Visual Studio Code," according to the article.

"The problem seems to originate from Defender's Definition/Update Version 1.373.1508.0, meaning Microsoft needs to update that file, and the issue should be resolved."
This discussion has been archived. No new comments can be posted.

Microsoft Investigates Bug That Mistakenly Flags Chromium-Based Apps as Malware

Comments Filter:
  • by Anonymous Coward

    of course!

    • Isn't Edge Chromium-based, too?
      • Isn't Edge Chromium-based, too?

        Yes. It takes special programming to tell the difference between Microsoft Chromium and Google Chromium.

        • You did not read enough of the summary.

          Also affected are Google Chrome and even Microsoft Edge, as well as "anything that runs Visual Studio Code," according to the article.

          I happen to think the update got it right, Chrome and Edge are malware.

      • ALL multiplatform web browsers are now Chrom*, except Firefox. Funny how the monoculture bites back. it is horrible for security, flexibility, openness, and user choice.

        • Especially when devs code for the specific browser they have in front of them instead of coding to industry standards.

          • >"Especially when devs code for the specific browser they have in front of them instead of coding to industry standards."

            They program to "de facto" standards (meaning whatever is most popular), instead of ACTUAL standards (meaning officially defined and approved by all the industry). Google knows this, just like Microsoft did back in the nightmare days of Internet Explorer. Chrom* is becoming the new IE. It won't be long before sites stop working on Firefox, and not because Mozilla isn't following act

  • Investigate, and the conclude nothing is wrong, everything is peachy-king, the "bug" was a problem with Chromium. Rather like their investigations on LinkedIn with scammers and identity thieves...

    JoshK.

  • Understandable! (Score:5, Insightful)

    by Subsentient ( 6901388 ) on Sunday September 04, 2022 @04:03PM (#62851765)
    Electron-based applications could easily be mistaken as malware. The resource usage of stuff like DIscord and Slack can significantly affect the rest of your system unless you've got an i9 and 64GB of RAM, and many of those apps really like to start at bootup. Sounds like malware to me. :^)
    • Re:Understandable! (Score:5, Insightful)

      by thegarbz ( 1787294 ) on Sunday September 04, 2022 @04:21PM (#62851801)

      I only wish Defender would wipe MS Teams off my underpowered work laptop.

      • Something makes me think of falling corpses when you say this (pew pew).
      • by antdude ( 79039 )

        And its own Windows OS. ;)

      • I don't understand why Teams is such an unbelievable resource hog, considering what it does. I mean, I know they've shoehorned half a dozen other apps into it at this point, and it has its own damn "appstore", but just TYPING seems to cause it to buckle under the strain, and when in a multi-user meeting my i5-based work laptop slows to a damn crawl. OneDrive is almost as bad, too.
    • 64GB is not enough, Slack OOMed for me once on 128GB.

    • by swilver ( 617741 )

      Yeah, the 150 MB Slack is using on my system at the moment is bringing my Pentium Pro 200 MHz almost to its knees.

      • Yeah, the 150 MB Slack is using on my system at the moment is bringing my Pentium Pro 200 MHz almost to its knees.

        I haven't had to run Slack since I quit my last job, but I do remember thinking it was ridiculous how it would use about 500mb of ram, and that was 3 years ago. It's possible that YMMV depending on how big your organization is, or how many channels and conversations you have to follow.
        In any case, you're downplaying it, I'm sure.

      • Try more of a brand-new cheapo Walmart laptop loaded with Fedora and Xfce. 4GB of RAM and a Celeron N4020. It's almost unusably slow, almost, and I have to close Slack if I want the real power this machine has. Slack also uses a surprising amount of what little GPU power this system has. Even loading the Slack web app on my PinePhone brings my phone to its knees. Electron is a cancer, utilized by the green and the stupid. No chat application should need more than 100MB of the system's RAM. I have never met
        • MIRC?

          I think I run it on a windows 95 system with 8MB of ram, and chatting in some large channels - including those with over 1000 users in them.

          As I understand, slack is a jumped up IRC thing anyway, so I really have no idea how they can screw it up.

          PS : Only used slack in a test environment with about 10 users for about a week before it was discarded (couple of years ago). Not sure how much better or worst it is now.

    • Discord and Slack are a walk in de park compared to Teams.
      Sure they can be more efficient but I never seen those slow down my pc. Teams does.
  • Just allowing people to turn this off and get on with things would have been to much to ask, obviously...
    This is like software from 50 years ago when usability was not a thing yet.

    • Just allowing people to turn this off and get on with things would have been to much to ask, obviously...

      You mean like opening "Virus and Threat Protection" > "Manage Settings" > Uncheck "Real-Time Protection"? But you having a clue is too (with extra ooh) much to ask, obviously...

      This is like software from 50 years ago when usability was not a thing yet.

      I wish this software was 50 years old. I have high hopes that if software is around that long that you may one day accidentally learn how to use it and not just randomly talk out of your arse as you do with every mention of any software on Slashdot.

      • You mean like opening "Virus and Threat Protection" > "Manage Settings" > Uncheck "Real-Time Protection"? But you having a clue is too (with extra ooh) much to ask, obviously...

        Some recent updates have disabled this feature. It's now impossible to disable realtime protection even with registry tweaks. Changing the policy no longer works either.

        • Some recent updates have disabled this feature.

          They have not. I've even checked this on of my PCs running an insider build meaning they have no intention of changing it in the coming months either. Incidentally I did only last Wednesday have to disable it due to a false positive on a game trainer I downloaded. /Posted from a current up to date Windows 11 machine running all the latest and greatest patches from Microsoft which very much does not have the feature disabled.

      • by gweihir ( 88907 )

        And obviously, I am not proposing that, as it removes _all_ protection. Yes, I understand your mind is too small for that level of complex idea. But people with a clue may want to disable specific alerts only.

      • by Briareos ( 21163 )

        Just allowing people to turn this off and get on with things would have been to much to ask, obviously...

        You mean like opening "Virus and Threat Protection" > "Manage Settings" > Uncheck "Real-Time Protection"? But you having a clue is too (with extra ooh) much to ask, obviously...

        Well, it does say "You can turn off this setting for a short time before it turns back on automatically." next to it (at least in Windows 10), so you'll probably be doing that on a regular basis...

  • by Anonymous Coward

    Cleanse that Google/Microsoft shitware off your computer once and for all.

    Thank you, Mr Nadella.

  • There seems to be an assumption that the outcome is wrong. Pretty much anything related to google is spyware so it makes sense.

  • If they hadn't done that, it would have been obvious that this was deliberate. As it is, they can make a good claim that it was an accident...

    • If they hadn't done that, it would have been obvious that this was deliberate. As it is, they can make a good claim that it was an accident...

      You're attributing to malice, when we are fully aware of the stupidity this company is capable of.

  • So, is it that Chromium was flagged and MS binaries weren't flagged?

    Interesting.

  • >"it seems to be related to all Chromium based web browsers"

    Which, on MS-Windows, means ALL web browsers, except Firefox.

  • It's too bad that Judge Jackson didn't smack them harder 25 years ago.

    LK

  • This has to be intentional. There is no way this update wasn't even regression tested.

    • by Wolfrider ( 856 )

      --This is what you get when a multibillion dollar company decides to fire their ENTIRE QA team.

      --The smart ones moved away from Windows a long time ago.

  • considering that there are security issues for Chromium based browsers almost on a weekly basis.

  • It will help us get rid of all those electron-based garbage.

"I got everybody to pay up front...then I blew up their planet." "Now why didn't I think of that?" -- Post Bros. Comics

Working...