Block vulnerable applications beta and EUS:Win32/TvmWarn reported in Chrome

Occasional Contributor



Passing this along for anyone whom it my assist.


Due to all the recent Google Chrome vulnerabilities, I signed up for a trial of M365 Defender Vulnerability Management with the option to block vulnerable apps. I decided to block Chrome until users updated their instance. I pushed the latest one via MEM/Intune.


Then, later I see all my users have malware - EUS:Win32/TvmWarn reported in Chrome. I uploaded the file to virustotal and nothing was detected.  I submitted to and the team reported back that no problem was detected.  


Tonight I scanned my computer again and it was listed as vulnerable.  I then removed the "block vulnerable applications" feature from, scanned again and my system was clean.  The version of Google Chrome and the version of the Defender updates did not change between the two scans.


2022-09-09T23:55:41.314Z DETECTION EUS:Win32/TvmWarn startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-10T02:08:30.888Z Version: Product 4.18.2207.7 Service 4.18.2207.7 Engine 1.1.19600.3 AS 1.375.118.0 AV 1.375.118.0
2022-09-10T02:09:18.154Z DETECTION EUS:Win32/TvmWarn file:C:\Program Files\Google\Chrome\Application\chrome.exe
2022-09-10T02:09:18.154Z DETECTION EUS:Win32/TvmWarn file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-10T02:09:18.154Z DETECTION EUS:Win32/TvmWarn file:C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-10T02:09:18.154Z DETECTION EUS:Win32/TvmWarn file:C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Inte

0 Replies