Microsoft Defender Advanced Threat Protection (ATP) has wrongfully classified the recent Google Chrome browser update as a backdoor trojan.
Several system admins worldwide have reported that classified the sl.pak component in both Chrome 88.0.4324.104 and 88.0.4324.146 (the latest version, released yesterday) installers as a PHP/Funvalget.A backdoor.
“Hey @msftsecresponse – Seeing lots of Defender ATP alerts this morning on C:Program Files (x86)GoogleChromeApplication88.0.4324.104Localessl.pak detected as PHP/Funvalget.A. Can you confirm this is a false positive? SHA256 in reply,” said @wdwinslow.
ZDNet shared a screenshot showing the Chrome sl.pak language file being tagged as a backdoor and being blocked by the ATP.
Microsoft has yet to confirm that the detection is a “false positive” and not an actual threat and has not yet released a statement.
© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.