Spotlight on Security: Malware authors take advantage of the rush to try Windows 11
Since the next version of Microsoft’s desktop operating system, Windows 11, was announced in June, tech enthusiasts the world over have been keen to try out the new platform. As usual, cybercriminals have jumped on the opportunity to spread malware. Telangana Today reports how malware authors have distributed fake installer programs that include a variety of unwanted and malicious programs along with the new Windows.
Why are people using the fake installers?
Microsoft’s official channels allow users to try out Windows 11 in perfect safety, via their Insider programme. By signing up for this, you can upgrade an existing Windows 10 system to a preview version of the next OS. However, Windows 11 comes with new hardware requirements, which mean that for many users, the option to upgrade will not be available. This gives malware authors the opportunity to trick disappointed tech fans into using their own doctored installers, which include some nasty surprises.
How can you spot the fakes?
Kaspersky’s blog describes the technical details of the threats. By understanding the difference between Microsoft’s genuine installation process and the malicious fakes, alert users can keep their computers safe. Rather than using the Windows Update service, or a complete Windows installation DVD image (ISO file), the cybercriminals use a different method of installation.
The installer file they provide is much smaller than any genuine Microsoft Windows setup program (2 GB rather than 5 GB). This is already a clue in itself. When run, such an installer will initially resemble a genuine Microsoft setup wizard, but then gives further evidence that it is not one. Due to its small size, it cannot complete the installation itself, but has to download an additional setup program. Furthermore, the secondary installer will itself encourage the user to install additional software, claiming that this is e.g. a download manager. All this is completely unlike a genuine Windows installer.
Kaspersky note that there is a range of different fake Windows 11 installers out there, each installing its own unwanted software. This may be relatively harmless adware, but could equally well be highly malicious password-stealing software, or indeed any type of malware.
How can I test Windows 11 safely?
Very sensibly, Kaspersky advise users to utilise only Microsoft’s official upgrade process if they want to try out Windows 11. For Windows enthusiasts whose PCs do not meet the minimum hardware requirements, we can recommend a totally safe means of trying out a genuine Windows 11 preview version. Whilst Microsoft strictly enforces the current Windows 11 hardware limitations strictly on physical PCs, they have relaxed them for installations on a virtual machine. This means that by using virtualisation, you can try out the new OS safely.
Kaspersky also advise users not to use preview builds – even completely safe, genuine Microsoft builds – on the main computer you use everyday. Microsoft themselves do the same thing. This is because the very nature of preview builds mean that they are not as reliable as the finished product. By using a virtual machine, you can try out Windows 11 safely, and without the risk of destabilising the computer you use every day. There are good, free virtualisation programs available. You will need to start off by installing Windows 10 in a virtual machine, registering for the Windows Insider program, and then selecting the release channel that suits you best for Windows 11 builds.
This might take longer than using a fake Windows 11 installer, but will guarantee you a safe and reliable way to try out a genuine build of the new operating system.
What else should I do to keep my PC secure?
As well as showing users how to avoid fake Windows 11 installers, Kaspersky’s blog further recommends always running a reliable antivirus program on your computer and never disabling it. AV-Comparatives agree completely with this advice. Our test reports can help you to find an effective and reliable antivirus solution that will help keep your computer safe. These can be downloaded free and without registration. By the way, genuine preview builds of Windows 11 come with Microsoft Windows Defender Antivirus built in.
AV-Comparatives is an independent testing lab based in Innsbruck, Austria, and has been publicly testing computer security software since 2004. It is ISO 9001:2015 certified for the scope “Independent Tests of Anti-Virus Software”. It also holds the EICAR certification as a “Trusted IT-Security Testing Lab”.