Language Selection

English French German Italian Portuguese Spanish

Exploit Allows Windows XP Piracy

Filed under
Microsoft

There's a major chink in Microsoft's Windows XP anti-piracy armor, although Windows users are not at risk of security attacks.

A security researcher in India has discovered an uncomplicated and easy-to-exploit weakness in Microsoft Corp.'s WGA (Windows Genuine Advantage), an anti-piracy initiative that checks whether consumer and small-business customers are running legitimately licensed copies of Windows XP.

Debasis Mohanty, a private vulnerability researcher and analyst of malicious programs, published a detailed proof-of-concept demonstration to show how the WGA validation check can be defeated to generate key codes for use on illegal copies of Windows XP.

Mohanty's findings come as the world's largest software maker prepares a mandatory rollout of the program.

Microsoft has been testing the Genuine Advantage program through its Download Center, where users are urged to validate their copies of XP before obtaining certain software updates, patches and fixes.

If users decide against validating, they are still allowed to obtain the requested downloads, but later this summer updates will only be pushed out to valid copies. Security updates will not require validation, even after WGA goes mandatory.

A Microsoft spokesperson on Monday confirmed Mohanty's findings but insisted that the weakness presented no real threat to the company's attempts to strangle software pirates.

The spokesperson said there were no plans to modify the way WGA works, even after Mohanty's public demonstration, which was posted on a high-profile security mailing list.

Full Story.

More in Tux Machines

Wayland in Fedora 23 Linux Allows for Use of Multiple Monitors with Different DPIs

Fedora Project, through Christian Schaller, was proud to report on the progress made for the next-generation Wayland display server that it might be used by default on the upcoming major release of the Fedora Linux operating system, Fedora 23. Read more

GNOME Developers Discuss Codenames, GNOME 3.18 Might be Dubbed "Gothenburg"

Allan Day, a GNOME UX designer working for Red Hat and renowned GNOME developer/contributor, opened an interesting discussion on the official GNOME mailing list, about possible codenames for upcoming releases of the acclaimed desktop environment for GNU/Linux operating systems. Read more

Developer lowers Drupal's barrier to entry

From a consumer perspective, I'd like open source to be ubiquitous to the point of invisibility. Using recent Ubuntu distros, I'm always shocked at how professional the environment feels. Just five years ago, you'd need to hunt down drivers and do a bunch of fiddling to get basic things like a sound card working. Now there are so many pushbutton ways to deploy open source tech, from OSes to CMS distros on Pantheon to buying an Android-powered mobile phone. We're not quite to the point where CMS users can feel like open source is transparent; there's still a huge investment in vendors to give you the expertise to manage your Drupal or WordPress site, for example. But we're closer than we were a decade ago, and that's pretty exciting. Read more

Intel invests $60 million in drone venture

Intel is investing $60 million in UAV firm Yuneec, whose prosumer “Typhoon” drones use Android-based controllers. Intel Corp. CEO Brian Krzanich and Yuneec International CEO Tian Yu took to YouTube to announce an Intel investment of more than $60 million in the Hong Kong based company to help develop drone technology. No more details were provided except for Krzanich’s claim that “We’ve got drones on our road map that are going to truly change the world and revolutionize the industry.” One possibility is that Intel plans to equip the drones with its RealSense 3D cameras (see farther below). Read more