Microsoft hasn’t yet released Windows 11, but the new operating system is already available for download and preview. Cybercriminals, of course, are exploiting that, slipping malware to users who think they’re downloading Microsoft’s new operating system.
Why download Windows 11 now?
Microsoft actually claimed Windows 10 would be the last release of Windows, that the company would just issue updates from there on out. On June 24 this year, however, the company unveiled Windows 11. And even though under the hood it’s basically Windows 10, Windows 11 is still the OS’s biggest update in six years, with an impressive number of new features and interface modifications.
Officially, Windows 11 will become available to the general public in 2021, but loads of people are trying it out early by installing a prerelease build. Some enthusiasts want to try the new system for its novelty; others, such as tech reporters, to inform users about the new features. As for software developers, they need the OS to perform compatibility testing with their own products and fix any issues before release day.
Although Microsoft has made the process of downloading and installing Windows 11 from its official website fairly straightforward, many still visit other sources to download the software, which often contains unadvertised goodies from cybercriminals (and isn’t necessarily Windows 11 at all).
How scammers fool Windows 11 downloaders
The most straightforward way cybercriminals deceive users is by slipping in something extra (or else).
One example involves an executable file called 86307_windows 11 build 21996.1 x64 + activator.exe. With a file size as large as 1.75GB, it certainly looks plausible. In fact, though, the bulk of that space consists of one DLL file that contains a lot of useless information.
Opening the executable starts the installer, which looks like an ordinary Windows installation wizard. Its main purpose is to download and run another, more interesting executable. The second executable is an installer as well, and it even comes with a license agreement (which few people read) calling it a “download manager for 86307_windows 11 build 21996.1 x64 + activator” and noting that it would also install some sponsored software. If you accept the agreement, a variety of malicious programs will be installed on your machine.
Kaspersky products have already defeated several hundred infection attempts that used similar Windows 11–related schemes. A large portion of that malware consists of downloaders, whose task is to download and run other programs.
Those other programs can be very wide-ranging — from relatively harmless adware, which our solutions classify as not-a-virus, to full-fledged Trojans, password stealers, exploits, and other nasty stuff.
Where and how to download Windows 11 safely
Download Windows 11 from official sources only, as Microsoft advises. So far, Windows 11 is officially available only to participants in the Windows Insider program — that is, you have to register. You’ll also need a device with Windows 10 already installed.
To upgrade your Windows 10 computer to Windows 11, go to Settings, click Update & Security, then select Windows Insider Program and activate Dev Channel to get the update.
We don’t recommend running the update on your main computer; prebuilds can be unstable.
We also advise you to use a reliable security solution and never disable it, so that cybercriminals cannot gain access to your computer through social engineering or vulnerabilities in the not-ready-for-primetime system.