Click to Skip Ad
Closing in...

Beware: Some Windows 11 installers infect your PC with malware

Published Jul 25th, 2021 3:06PM EDT
Windows 11 Download
Image: Microsoft

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Microsoft surprised fans a few weeks ago with the Windows version we thought we’d never get. After several years of Windows 10, we’re finally moving up a digit to Windows 11. The new operating system isn’t just a cosmetic upgrade that brings over a new paint job. Microsoft has developed several new features for the latest release that make it a notable upgrade.

Windows 11 is available right away in beta form. You can download and install it on a supported machine after signing up for the Insider program that Microsoft runs. Getting Windows 11 in any other way is ill-advised though, because unofficial Windows 11 installers available for download on the internet can contain dangerous malware.

One of the main Windows 11 features concerns security. Microsoft wants the new OS to be safer than ever before. That’s why Windows 11 has stricter hardware requirements. But hackers won’t stop targeting Windows users just because Microsoft is looking to boost security.

It turns out that malicious Windows 11 installers are already available in the wild. Download and run any of them, and you could end up installing potentially dangerous malware on your laptop or desktop. The warning comes from Kaspersky directly. The company identified at least one Windows 11 install kit that delivers a surprise payload.

Malicious Windows 11 downloads

Kaspersky details an executable file called 86307_windows 11 build 21996.1 x64 + activator.exe. The download looks like a genuine file from Microsoft. It weighs 1.75GB, and the size makes it look like the real thing. But once the download is complete, you’ll find that the Windows 11 installer contains no trace of Windows 11.

Kaspersky explains that “the bulk of that space consists of one DLL file that contains a lot of useless information.” Opening the executable starts the installer. But instead of Windows 11, you download and run a “more interesting executable.”

The executable in question is also an installer that comes with a license agreement of its own. It’s labeled as a “download manager for 86307_windows 11 build 21996.1 x64 + activator.” The agreement also notes that the app will install sponsored software on your machine. Accepting the agreement leads to the installation of malicious products, not genuine apps.

Kaspersky says that its anti-virus programs have defeated “defeated several hundred infection attempts that used similar Windows 11–related schemes.” The associated malware usually delivers other installers that can trigger the installation of more dangerous programs. These include “full-fledged Trojans, password stealers, exploits, and other nasty stuff.”

Where to get the genuine installer

There’s only one place where you should look for the Windows 11 beta installer: Microsoft. And you’ll do it all from your Windows 10 device. Just go to Settings, Update & Security, and then the Windows Insider Program. That’s where you’ll have to activate the Dev Channel for the update.

If Microsoft tells you that your device won’t support Windows 11, you shouldn’t seek an unofficial installation. Just make sure your BIOS is set up correctly and try again. Otherwise, you might consider a hardware upgrade to run Windows 11 this fall when the final release drops.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.