Bad actors and hackers are increasingly using sophisticated techniques to carry out malicious attacks on unsuspecting users, especially as generative AI has burst onto the scene. What are the odds that you’d run into some trouble trying to install a Windows update on your device?
While it feels like it should be impossible, that’s NOT the case. There’s reportedly a fake Windows support page designed to trick unsuspecting users into downloading malware onto their devices, which then accesses their confidential data by stealing their passwords.
At the time of analysis, VirusTotal showed zero detections across 69 engines for the main executable and 62 for the VBS launcher. No YARA rules matched, and behavioural scoring classified the activity as low risk. This is not a failure of any single tool. It’s the intended result of the malware’s architecture.
Malwarebytes
A deeper look into the package reveals that it’s hiding malicious code inside an Electron shell. Your device’s security software recognizes the outer layer as a legitimate framework used across many apps, but doesn’t go deep enough to catch the malicious script buried within.
As a general rule of thumb, you’ll be much safer checking and downloading new Windows updates from the Settings app in Windows 11. Alternatively, you can head over to Microsoft’s genuine support hub to manually download legitimate Windows updates from support.microsoft.com.