Microsoft Defender Advanced Threat Protection (ATP), the retail version of Defender Antivirus, has identified the Google Chrome browser update (version 88.0.4324.146) introduced yesterday as a backdoor Trojan.
As can be seen in the screenshot shared on Twitter by Catalin Cimpanu, security reporter for ZDNet, Defender ATP for Chrome detects several files that are part of Chrome update v88.0.4324.146 as Trojan horse generic backdoor named "PHP / Funvalget.A".
An "automation error" on the part of Microsoft
It should be noted that Microsoft Defender ATP is the main enterprise security solution of the Redmond brand. It should be noted that several users of Defender in its free version have declared on their Twitter accounts that they do not receive the same alert on Chrome and the possibility of backdoor Trojans.
According to ZDnet, Microsoft said within hours of discovering this issue and users were talking about it on social media that the information Microsoft Defender ATP provided on Chrome files is false positives due to an "automation error."
Suspicions about the December 2020 attacks
Taking into account the fact that during the last month of December 2020 there have been various attacks against the supply chain of the major software companies and that it is still not fully understood the extent that 'they may have had, there are users on Twitter who were concerned that Chrome might be infected.
When we talk about supply chain attacks, we mean that the attackers compromise the security of a third party and thus manage to infiltrate the businesses and customers in general who use their services.
In December, SolarWinds suffered a massive attack. The company was little known, but after its security issue, it became known that its software was used by many of the world's largest companies. Among others, Microsoft. However, now the company that created Windows says this is all a mistake and not a real security issue.