Beware of Fake Windows 11 installs Packed with Malware

PC users who want to try Windows 11 before should steer clear of unofficial preview OS downloads. Security research firm Kaspersky has discovered that many of its users were downloading pre-release versions of Windows 11 from sources other than the official Microsoft website.

Kaspersky said that these downloads were often loaded with malware that tried to infect the computers on which they were installed. “A large part of these threats consists of downloaders, whose job it is to download and run other programs,” Kaspersky said.

“Those other programs can be quite varied, from relatively harmless adware, which our solutions classify as non-viruses, to full-blown Trojans, password stealers, exploits, and other nasty things.”

Kaspersky said its products have already defeated several hundred infection attempts by these downloaders. An example involves an executable file called “86307_windows 11 build 21996.1 x64 + activator.exe”.

Kaspersky said the file’s 1.75GB size makes it look like a legitimate downloader, but most of that space consists of a DLL file that contains a lot of useless information.

Opening this executable will launch the installer, which looks like a normal Windows installation wizard. However, its main purpose is to download and run another executable.

“The second executable is also an installer, and it even comes with a license agreement (which few people read) that calls it ‘download manager for 86307_windows 11 build 21996.1 x64 + activator’ and notes that it would install some sponsored software as well. “

“If you accept the agreement, a variety of malicious programs will be installed on your machine.”

Screenshot of fake Windows 11 installer at work
Fake Windows 11 Installer, via Kaspersky

Kaspersky recommended that those who are interested in upgrading to Windows 11 use the official channel to do so. To download the current Windows 11 Preview, you must be running Windows 10 and signing up for the Windows Insider program.

To do this, open Settings, select “Update & Security” and choose “Windows Insider Program“. You will have to opt for the Dev Channel to receive the latest available updates as quickly as possible.

It should be noted that the preview versions of this channel are initial versions that can be unstable. This means that you could be at risk of data loss, performance issues, or security flaws.

Leave a Comment