Watch out for fake Windows 11 installers – they’re riddled with malware
Only download your Windows 11 installers direct from Microsoft.
Windows 11 is now in “broad deployment for eligible devices,” but be careful where you download it from. The day after Microsoft’s announcement, security researchers noticed a website offering fake Windows 11 downloads that were full of malware.
The website in question was noticed by security researchers at HP. At first glance, the website seemed legitimate. It used Microsoft’s images, was similar in style to the official website, and had the URL “windows-upgraded.com.” Sounds legit, right?
When you clicked on the Download Now button, instead of a Microsoft file you got something else. A 1.5MB ZIP archive named “Windows11InstallationAssistant.zip.” That seems in line with Microsoft’s naming style, although it downloads straight from a Discord CDN (content delivery network).
Unpacking that file gets you a 754MB file folder, with an executable file inside. Just an FYI, that’s not how Microsoft deals with Windows upgrades anymore. Then again, not everyone has used the new install options to know what they look like.
Running that fake Windows 11 installer file sets a complicated chain of events into action. The end result? RedLine Stealer is installed, which BleepingComputer calls “the most widely deployed password, browser cookie, credit card, and cryptocurrency wallet info grabber.”
The upshot of this? There’s only one official place to get the upgrade to Windows 11 for your PC. That’s direct from Microsoft. Any other source runs the risk of malware, regardless of how legit the website seems.
That said, If your computer is still running an earlier version of Windows, use the PC Health Check app to find out if you can upgrade to Windows 11, and stay away from fakes.
- Does Microsoft have any plans for a HoloLens 3?
- How to uninstall Windows 11 updates
- Android apps and taskbar upgrades are coming to Windows 11
- How to create, customize, and delete Google Chrome profiles