Tech giant Microsoft hasn’t released the new version of Windows i.e. Windows 11 yet. Cybercriminals, of course, are exploiting that, slipping malware to users who think they’re downloading Microsoft’s new operating system.

The most straightforward way cybercriminals deceive users is by slipping in something extra (or else).

According to Kaspersky, One example involves an executable file called 86307_windows 11 build 21996.1 x64 + activator.exe. With a file size as large as 1.75GB, it certainly looks plausible. In fact, though, the bulk of that space consists of one DLL file that contains a lot of useless information.

Opening the executable starts the installer, which looks like an ordinary Windows installation wizard. Its main purpose is to download and run another, more interesting executable. The second executable is an installer as well, and it even comes with a license agreement (which few people read) calling it a “download manager for 86307_windows 11 builds 21996.1 x64 + activator” and noting that it would also install some sponsored software. If you accept the agreement, a variety of malicious programs will be installed on your machine.

Buy Me a Coffee

Where and how to download Windows 11 safely

Download Windows 11 from official sources only, as Microsoft advises. So far, Windows 11 is officially available only to participants in the Windows Insider Program — that is, you have to register. You’ll also need a device with Windows 10 already installed.

To upgrade your Windows 10 computer to Windows 11, go to Settings, click Update & Security, then select Windows Insider Program and activate Dev Channel to get the update.