Thursday, 21 April 2022

Microsoft Defender error is giving Google Chrome users a serious fright

Several recent Google Chrome updates have been flagged as potentially harmful by Microsoft's in-built antivirus and endpoint protection service, reports have claimed.

A number of Windows system admin reports have shown that Microsoft Defender for Endpoint has been tagging browser updates delivered via the Google Update service as suspicious.

The activity is thought to be down to a false positive issue, but it's another possible headache for both Microsoft and Google as they try and disseminate their wares to as wide an audience as possible.

False positive

The Windows reports, seen by BleepingComputer, show that affected users were shown an alert concerning a possible "multi-stage incident involving Execution & Defense evasion".

However, Microsoft says it has investigated the issue and found it to be a false alarm caused not by any criminal activity, but a clash of alerts.

"Admins may receive a false positive alert for Google Update on Microsoft Defender for Endpoint monitored devices," Microsoft said. The company later revealed it had fixed the issue after around one and a half hours, with customers now able to fully use Microsoft Defender for Endpoint again.

The news is the second such incident involving Microsoft Defender and false positive alerts within the past few months.

In March 2022, a similar incident saw some Microsoft Office updates flagged as ransomware threats by Defender for Endpoint. Microsoft was again quick to investigate the issue, confirming it was again a false alarm.

In early December 2021, Defender also prevented users from opening some Office files and launching various applications, triggering false positives related to Emotet malware.

Several serious security issues have affected Google Chrome in recent months, including a raft of zero-days. Most recently, the company released Chrome 99.0.4844.84 for Windows, Mac, and Linux to fix a high severity zero-day vulnerability that allows for remote code execution.

Zero-day threats have become a major concern for businesses and end-users alike, with Google's in-house security team recently noting that the number of issues reached a record high in 2021.

Via BleepingComputer

https://ift.tt/PfkJX9Y

No comments:

Post a Comment