Kaspersky Warns Fake Windows 11 Installers Are Spreading Malware

Long-time Slashdot reader Ammalgam writes: If you're planning to install Windows 11, you should make sure you download it from official sources. This is because, people who are using pirated or fake methods to get Windows 11 are also downloading malware along with it, according to Kaspersky.

The particular file referenced is called 86307_windows 11 build 21996.1 x64 + activator.exe. While it sounds like it includes Windows 11 build 21996.1, and an installer that will automatically activate Windows for you there are some red flags. First, it's only 1.75GB, so while people who want to install Windows 11 might think that's a large file that could be Windows, a real Windows 11 ISO is about 4.87GB...
"The 1.75 GB file looks legitimate. But most of this space consists of one DLL file that contains a lot of useless information," explains Mint.

And Kaspersky adds that "it even comes with a license agreement (which few people read) calling it a 'download manager for 86307_windows 11 build 21996.1 x64 + activator' and noting that it would also install some sponsored software. If you accept the agreement, a variety of malicious programs will be installed on your machine."

Kaspersky sure they are "fake" Win11 installers?

[mykepredko]

I'm expecting that the genuine Win11 article would be considered "malware" in many respects.

Re:

[Neuroelectronic]

hheh

Re:

[radarskiy]

I am old enough to remember when Mcafee identified Windows as malware and deleted it. Then the company I worked for bought Mcafee.

Real installers

[Anonymous Coward]

Wait a second, what were the real installers spreading then?

Re:

[iggymanz]

the adware spyware Microsoft has deemed essential to your system and their bank account.

Re:Real installers

[suss]

Windows 11, the one that comes after "The last version of Windows ever".

Re:

[gweihir]

Windows 11, the one that comes after "The last version of Windows ever".

Yep. I guess the marketing lie was not effective anymore, so they needed something new.

Ah yes, the delimma is real..

[NicknameUnavailable]

..Cortana et al Microsoft-brand spy/malware, or "unofficial" malware.

Did not take long

[jmccue]

Did not take long for an Issue with Windows 11, and it is not even released.

If only M/S would distribute Windows as iso or a USB image like all sane Operating Systems do. Then people could check the media themselves instead of relying on some hidden check.

Re:Did not take long

[Retired ICS]

WIndows can be downloaded as an ISO image and you have been able to do so forever. Just use a real computer to visit the download link: https://www.microsoft.com/en-u... [microsoft.com]

Re:

[thegarbz]

Did not take long for an Issue with Windows 11, and it is not even released.

That kind of just sums up the entire world doesn't it. MS getting blamed for things entirely not MS's fault.

If only M/S would distribute Windows as iso or a USB image like all sane Operating Systems do. Then people could check the media themselves instead of relying on some hidden check.

They do. Just not for dev channel builds which get distributed via Windows Update. There's a fairly straight forward and official way to play with Windows 11 if you so wish. Stupid people are stupid. Always have been.

Re:

[tlhIngan]

Did not take long for an Issue with Windows 11, and it is not even released.

If only M/S would distribute Windows as iso or a USB image like all sane Operating Systems do. Then people could check the media themselves instead of relying on some hidden check.

Windows is distributed as an ISO image. Microsoft makes it available.

Windows 11 is in effectively a private beta. Just Microsoft betas involve so many people that it will leak out. Microsoft is not providing a publicly available beta of Windows 11 at this

Re:

[gweihir]

MS crap will start to follow sound practices just shortly before they go of of business. These people simply do not have what it takes and owe their success solely to historical accidents and marketing. If they had to compete on merit, they would never have amounted to anything. The perversions of a "market" at work.

Hmm

[mobby_6kl]

"The 1.75 GB file looks legitimate. But most of this space consists of one DLL file that contains a lot of useless information," explains Mint.

So how is this different from the actual Microsoft installer again?

What's the diff?

[Tablizer]

How do you tell if they are fake if the real installers also install snoopware?

What?

[Retired ICS]

They do not need to be "fake". Windows 11 *IS* malware ...

remember different editions of Windows?

[Anonymouse Cowtard]

Maybe it's just Windows 11 Botfarm Edition with Service Pack 2?

Checksums

[LenKagetsu]

Why is this article not listing checksums of the legitimate file, and the checksums of the malware? Filenames and filesizes are trivial to spoof, but spoofing a checksum is all but impossible.

Re:

[Kazymyr]

Because there is no official file. All the w11 images so far have been unofficial leaks.

Re:

[gweihir]

Why is this article not listing checksums of the legitimate file, and the checksums of the malware?

Simple: The typical Windows luser is not capable of checking those.

And..

[Ronin Developer]

Tell me again why we should worry about people intent on stealing commercial software and get infected by malware???

Re:

[tlhIngan]

Tell me again why we should worry about people intent on stealing commercial software and get infected by malware???

That's a good question , actually. For those with access to the beta, they have the official download link AND the hashes required to verify the file.

It's not just piracy, it's piracy of a file that is not publicly available.

Saw what you did there, Slashdot eds =)

[Provocateur]

Why did you place this breaking news right after the *superbug* news item?

I'm sure that was unintentional