
Image: provided to ZDNet by a reader
Microsoft Defender Advanced Threat Protection (ATP), the commercial version of the ubiquitous Defender antivirus and Microsoft’s top enterprise security product, is currently having a bad day and is flagging yesterday’s Google Chrome update as a backdoor trojan.
The detections, as can be seen in the screenshot above, shared with ZDNet by one of our readers, are for Google Chrome 88.0.4324.146, the latest version of the Chrome browser, which Google released last night.
According to the screenshot above, and also based on reports shared by other troubled system administrators on Twitter, Defender ATP is currently detecting several files that are part of the Chrome v88.0.4324.146 update package as containing a generic backdoor trojan named “PHP/Funvalget.A”.
The alerts have caused a major uproar in enterprise environments in light of the software supply chain attacks that have hit businesses around the world in recent months.
System administrators are awaiting a formal statement from Microsoft confirming that the detection is a false positive and not a real threat.
ATP is enabled on C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Locales\sk.pak
– Dark Defender (@ShadyDefender) 3 February 2021
Shark @msftsecresponse – This morning many Defender ATP alerts are seen on C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Locales\sl.pak detected as PHP/Funvalget.A. Can you confirm that it is a false positive? SHA256 in reply.
W. W. Winslow (@wdwinslow) 3 February 2021
Defender found sl.pak as ‘Backdoor:PHP/Funvalget.A’
C:\Program Files\Google\Chrome\Application\88.0.4324.146\Locales\sl.pak
Defender detected chrome.7z as ‘Backdoor:PHP/Funvalget.A’
C:\Program Files\Google\Chrome\Application\88.0.4324.146\Installer\chrome.7z
– itquartz (@itquartz) 3 February 2021
ZDNet reached out to a Microsoft spokesperson before publishing this article to request a formal statement on the ATP detection.
Chances are high that this is indeed a false positive detection, but until a formal announcement, administrators are advised to wait before taking any other action.
The free version of Microsoft Defender antivirus, the one that ships with all recent versions of Windows, did not detect the recent Chrome update as malicious in ZDNet’s tests.
Updated at 15:55 ET to add that Microsoft has confirmed that today’s Funvalget detection for Chrome files was a false positive detection caused by an ‘automation error’.