Language Selection

English French German Italian Portuguese Spanish

Exploit Allows Windows XP Piracy

Filed under
Microsoft

There's a major chink in Microsoft's Windows XP anti-piracy armor, although Windows users are not at risk of security attacks.

A security researcher in India has discovered an uncomplicated and easy-to-exploit weakness in Microsoft Corp.'s WGA (Windows Genuine Advantage), an anti-piracy initiative that checks whether consumer and small-business customers are running legitimately licensed copies of Windows XP.

Debasis Mohanty, a private vulnerability researcher and analyst of malicious programs, published a detailed proof-of-concept demonstration to show how the WGA validation check can be defeated to generate key codes for use on illegal copies of Windows XP.

Mohanty's findings come as the world's largest software maker prepares a mandatory rollout of the program.

Microsoft has been testing the Genuine Advantage program through its Download Center, where users are urged to validate their copies of XP before obtaining certain software updates, patches and fixes.

If users decide against validating, they are still allowed to obtain the requested downloads, but later this summer updates will only be pushed out to valid copies. Security updates will not require validation, even after WGA goes mandatory.

A Microsoft spokesperson on Monday confirmed Mohanty's findings but insisted that the weakness presented no real threat to the company's attempts to strangle software pirates.

The spokesperson said there were no plans to modify the way WGA works, even after Mohanty's public demonstration, which was posted on a high-profile security mailing list.

Full Story.

More in Tux Machines

today's howtos

Openwashing

Games for GNU/Linux

  • Achieve Global Domination in Agenda, Coming to PC, Mac, Linux on September 21
    Agenda, a strategy simulation from Exordium Games where players control an evil organization seeking world domination, will come to Windows, Mac, and Linux on Sept. 21st, 2016. Players will direct covert operations to increase their control over countries' economies, political parties, militaries, science institutions and media outlets. Operations will entail everything from low key kickbacks to military leaders to the brazen assassination of political rivals.
  • Vendetta Online 1.8.385 MMORPG Drastically Improves Chat and Effect Delays
    Guild Software announced the release of a new maintenance update for their popular and cross-platform Vendetta Online MMORPG (Massively Multiplayer Online Role-Playing Game) 3D space combat title. According to the release notes, Vendetta Online 1.8.385 is an important milestone, and it's here to drastically improve the chat and effect delays reported by users during larger capship battles by implementing a new dynamic server packet-queuing and priority change system, which was tested internally with 200 close-proximity capships per battle.
  • Looks like Subnautica from the Natural Selection 2 developers won't get Linux support
    This is quite sad, it seems we have been left wondering for a while (years) about Subnautica, but a developer has now confirmed a Linux version is not being worked on.

Leftovers: Software

  • GNOME Music 3.22 to Offer Better Sorting of Songs in Albums and Artists Views
    GNOME Music 3.22 is on its way, as well as the GNOME 3.22 desktop environment, due for release next month on September 21, and it looks like we're now able to get an early taste of what's coming in GNOME's default music playback app. GNOME Music 3.22 Beta has been released, distributed as part of the first Beta development milestone of the upcoming GNOME 3.22 desktop environment, and it promises to offer better sorting of tracks in the Artists and Albums views, a "new playlist" entry to the Playlist dialog, and new keyboard shortcuts.
  • bitmath-1.3.1 released
    bitmath is a Python module I wrote which simplifies many facets of interacting with file sizes in various units as python objects. A few weeks ago version 1.3.1 was released with a few small updates.
  • NetworkManager 1.4 Released
  • NetworkManager 1.4: with better privacy and easier to use
    After we released version 1.0 of NetworkManager, it took us sixteen months to reach the 1.2 milestone. This means that it took over a year for some newly added features to reach the user base. Now we are releasing the next major release after just four months.