Windows 11: Certain Installers Could Put PCs, Users At Risk

A cybersecurity firm has recently issued a warning to consumers to avoid downloading Windows 11 from sources other than Microsoft since getting the new operating system elsewhere could put their machines at grave risk.

Windows 11 is now available in beta form and people can download and install it on their machines after signing up for Microsoft's insider program. This is the only way to get a genuine Windows 11 installer. Any other way is not advised because according to cybersecurity firm Kaspersky, installers available on the internet could contain malware that can infect the computer and put its owner at risk.

A new blog post from Kaspersky revealed that cybercriminals trick users into believing that the file they got from another source is a genuine Windows 11 installer. But apparently, these malicious actors embed extra programs in the file or simply post malware with a file name that looks like an update.

In fact, according to the cybersecurity firm, an executable file named "86307_windows 11 build 21996.1 x64 + activator.exe" is recently doing rounds online, deceiving a lot of people. The file has a size of 1.75 GB, so many think it's legitimate.

However, once the download is complete, users would discover there is no single trace of Windows 11 in the installer. Instead, most of the space in the file contains one DLL file with a long list of useless details. When consumers run the executable file, the installer, which appears like an ordinary Windows installation wizard, starts.

The main purpose of this is to download and run another executable file, which is also an installer. It comes with a "license agreement" and even contains "download manager for 86307_windows 11 build 21996.1 x64 + activator." When a user accepts the agreement, a spectrum of malicious programs would be installed on their machine.

In the post, Kaspersky revealed that these malicious programs range from substantially harmless adware to "full-fledged Trojans, password stealers, exploits and other nasty stuff."

The cybersecurity firm claimed that its products have already "defeated several hundred infection attempts that used similar Windows 11–related schemes." It also noted that a huge percentage of these threats "consists of downloaders, whose task is to download and run other programs."

Given the threats, consumers should be more vigilant and use only an installer from Microsoft. Additionally, installation should only be done from a Windows 10 device. They simply need to go to Settings, look for Update & Security and find the Windows Insider Program.