The official launch of Windows 11 is due tomorrow, October 5. Windows 10 users with eligible devices are presented with the option of a free upgrade. You can also buy a new computer with a pre-loaded Windows 11 operating system. But is Windows 11 worth the upgrade, and more importantly, how secure is it? Is there any indication of Windows 11 malware on the loose?
Let’s see what the experts have discovered so far in terms of Microsoft’s freshly baked OS.
The very first thing worth noting is that Windows 11 is not entirely fresh, as it repurposes some of the cancelled Windows 10X code, without its unified version. Nonetheless, there are still lots of novelties making their way, such as a redesigned Settings menu and a huge redesign of Microsoft Store. The latter will allow Android apps from Amazon App Store to be downloaded. However, it appears that Android apps won’t actually be part of Windows 11 on launch day, and there is still no date to confirm this.
Scammers Weaponizing Windows 11 in Various Campaigns
In terms of security, there aren’t any reports of malware specifically created to target the latest Microsoft OS… yet. But with such a big and significant release, it is inevitable that hackers will be looking into ways to abuse it for their profit. In fact, there are already cases of malware hiding in Windows 11 installer downloads on third-party download and torrent sites, according to Kaspersky.
“Kaspersky products have already defeated several hundred infection attempts that used similar Windows 11–related schemes. A large portion of these threats consists of downloaders, whose task is to download and run other programs,” the company said in a recent blog post detailing the attempts to weaponize Windows 11. “Those other programs can be very wide-ranging — from relatively harmless adware, which our solutions classify as not-a-virus, to full-fledged Trojans, password stealers, exploits, and other nasty stuff,” Kaspersky added.
Another example of hackers exploiting the hype surrounding the newest OS is a phishing campaign orchestrated by the well-known FIN7 hacking group. The threat actor has already been using Win11 themes in an attempt to trick recipients in a recent phishing campaign targeting a PoS (point-of-sale) company.
According to Anomali’s report, the infection chain was initiated by a Microsoft Word document (.doc) that contained a decoy image claiming to have been made with the help of Windows 11 Alpha.
The image would ask the potential victim to enable editing and enable content to continue with the next stage of activity. After analyzing the file, the researchers discovered a VBA macro populated with junk data as comments. In fact, junk data is commonly used to impede analysis. Once this data was removed, a VBA macro was revealed.
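As an added illustration (not code from Anomali's report or from this article), the Python sketch below strips comments from VBA source in the way the analysis above describes and reports what share of the macro was comment-only padding. The sample macro is constructed, and the parser assumes comments are not continued across lines with a trailing underscore and that `Rem` appears only at the start of a line.

```python
import re

# Constructed sample: a macro padded with junk comments, modelled on the
# description above (not taken from the Anomali report).
SAMPLE_MACRO = '''\
Sub AutoOpen()
' qwpoe iruty zmxn 10394 lkjh
    Dim note As String
    note = "it's ""fine"" here" ' asdf ghjk 5521
Rem zzzz yyyy xxxx
' 88 fj2 kk1 pq
    MsgBox note
End Sub
'''

# "Rem" only counts as a comment keyword when followed by whitespace or EOL,
# so identifiers such as "Remove" are left alone.
_REM = re.compile(r'^\s*rem(\s|$)', re.IGNORECASE)

def strip_comment(line):
    """Return the line without its VBA comment, respecting string literals."""
    if _REM.match(line):
        return ''
    in_string = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_string = not in_string  # an escaped "" toggles twice, net no change
        elif ch == "'" and not in_string:
            return line[:i].rstrip()
    return line.rstrip()

def dejunk(source):
    """Strip comments and blank lines; return (clean_source, comment_ratio)."""
    lines = source.splitlines()
    kept = []
    comment_only = 0
    for line in lines:
        code = strip_comment(line)
        if code.strip():
            kept.append(code)
        elif line.strip():
            comment_only += 1  # non-blank line that held nothing but a comment
    non_blank = sum(1 for l in lines if l.strip())
    ratio = comment_only / non_blank if non_blank else 0.0
    return '\n'.join(kept), ratio

if __name__ == '__main__':
    clean, ratio = dejunk(SAMPLE_MACRO)
    print(f'{ratio:.1%} of non-blank lines were comment-only\n{clean}')
```

A high comment-only ratio is a useful triage signal on its own, since legitimate macros are rarely dominated by comments.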
As it seems… “Windows 11 is going to be hot in the cybercriminal world, and the topic has proved to be a great hook to scoop up a multitude of victims,” Ian Thornton-Trump, the chief information security officer at Cyjax, told Davey Winder for Forbes.
How Secure Can Windows 11 Truly Be? The Threat of Windows 11 Malware
Microsoft has been strongly emphasizing the “security by design” intended for the Windows 11 package, with much of the attention dedicated to the hardware side of security: the so-called Windows 11 Trusted Platform Module.
“The Trusted Platform Module (TPM) is a chip that is either integrated into your PC’s motherboard or added separately into the CPU. Its purpose is to help protect encryption keys, user credentials, and other sensitive data behind a hardware barrier so that malware and attackers can’t access or tamper with that data,” Microsoft explained in a blog post.
TPM 2.0 is a critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data. In addition, for many enterprise customers, TPMs help facilitate Zero Trust security by providing a secure element for attesting to the health of devices.
But what about the threat of malware? According to Corey Nachreiner from WatchGuard Technologies, TPM does improve the security of a device, but the threat of malware remains, as some attacks “still work fine” even on TPM-protected systems.
What any cybersecurity expert would most likely say is that Windows 11, despite being advertised as the most secure OS, will still be prone to malware, just like its predecessor Windows 10, and Windows 7 before that. Since it shares a huge part of the codebase of previous versions, hackers will quickly find ways to exploit Windows 11.
Windows 11 Built-in Protections
Of course, a computer with the latest hardware security features is far more secure than an older PC without them. But it is noteworthy that some Windows 10 versions, such as Windows 10 version 20H2, already use the above-mentioned hardware improvements. And even though Windows 11 introduces a new unique security feature, Windows Hello for Business, enabling password-free sign-on on enterprise devices, it won’t make much difference to the home user in terms of security.
Microsoft’s latest comes with built-in anti-malware protection, Windows Defender. Users have already been facing issues with the app in the preview builds of Windows 11. Apparently, the company released a faulty update in August that caused some serious problems with the Windows Security app that manages Windows Defender and other security features.
But issues are typically expected of preview builds and beta releases. Keep in mind that if you decide to test a beta release of any software, there will be risks, especially in terms of security. As AV Comparatives pointed out, “if you’re running a preview version of Windows 11, don’t rely on any antivirus, Microsoft or otherwise, to protect any mission-critical data.”