Microsoft Defender ATP is Detecting Yesterday’s Chrome Update As A Backdoor Trojan
While there are some that say Google’s software is a backdoor to them gathering as much info on you as possible, this is the first time that I have ever heard of antivirus software actually flagging Google software as a backdoor trojan. Microsoft Defender Advanced Threat Protection (ATP), the commercial version of the ubiquitous Defender antivirus and Microsoft’s top enterprise security solution, is currently having a bad day and labeling yesterday’s Google Chrome browser update as a backdoor trojan:
The detections are for Google Chrome 88.0.4324.146, the latest version of the Chrome browser, which Google released last night. As per the screenshot [embedded in the linked story], but also based on reports shared on Twitter by other dismayed system administrators, Defender ATP is currently detecting multiple files part of the Chrome v88.0.4324.146 update package as containing a generic backdoor trojan named “PHP/Funvalget.A.” The alerts have caused quite a stir in enterprise environments in light of recent multiple software supply chain attacks that have hit companies across the world over the past few months. System administrators are currently awaiting a formal statement from Microsoft to confirm that the detection is a “false positive” and not an actual threat.
The consumer version isn’t behaving the same way. Thus my assumption is that this is a mistake by Microsoft in terms of its detection engine and we should have official confirmation of that at some point. Until then, the safe thing to do is to wait until Microsoft comments publicly on this just in case it is a real threat.
This entry was posted on February 3, 2021 at 1:44 pm and is filed under Commentary with tags Google, Microsoft.