Language Selection

English French German Italian Portuguese Spanish

Another way past Windows antipiracy found

Filed under
Microsoft

The check is meant to prevent people with pirated copies of the operating system from downloading additional software from Microsoft. By changing a setting in a Microsoft validation tool called "GenuineCheck.exe," it's possible to generate a code that will validate the Windows software on a machine as genuine even if it is pirated, according to a Web site publicized on Thursday in a posting to the popular Full Disclosure security mailing list.

Microsoft would not confirm that the method works, but the software maker is investigating the issue, a company representative said. "It is not a surprise for us that those who never intended to pay for software would try to find some way to circumvent Windows Genuine Advantage," the representative said.

Microsoft last week made the Windows piracy check mandatory for all customers who want to download add-ons for Windows XP and 2000. The effort, dubbed Windows Genuine Advantage, requires users to verify that they have a legitimate copy of the operating system before they can get files from Microsoft's download Web sites.

Tricking the check

For the software maker, the news could be another episode of people finding a way to get around WGA. Last week, several Web sites said it was possible to bypass the piracy lock by several means, including pasting a JavaScript string into the Web browser. Earlier this year, during WGA's pilot phase, a security researcher outlined another way to trick the check.

The GenuineCheck.exe tool is meant to provide an alternative way for people to prove that their copy of Windows is an official Microsoft version. The primary WGA checking mechanism uses ActiveX, which is not supported in all Web browsers. The popular open-source Firefox Web browser, for example, does not support ActiveX.

"To make the validation experience as user-friendly as possible, Microsoft engineered a process that enables customers to validate their systems easily, and unfortunately, unscrupulous users are able to exploit that," the Microsoft representative said.

According to the Thursday posting, all a PC user apparently has to do to have GenuineCheck.exe generate a valid code on a machine with pirated Windows XP is to run it in Windows 2000 compatibility mode. This is done by downloading the tool, right-clicking on the file and selecting "properties." Then select the "compatibility" tab in the menu and change the compatibility mode.

If the method actually works, it may be short-lived. "Microsoft will be updating the validation system from time to time and plans to address these issues," the Microsoft representative said.

WGA is a stepped-up effort by Microsoft to increase the number of Windows users that are actually paying Microsoft for its software. At the moment, the company estimates that roughly a third of Windows copies worldwide are not legitimate.

By Joris Evers
CNET News.com

More in Tux Machines

Librem 15 Is a Beast of a Linux Laptop with a Gorgeous Finish

Librem 15 aims to be the only laptop coming with completely free software and its makers are looking to get some funding through a crowdfunding campaign. You might think that if a laptop ships with any Linux distribution, then it would stand to reason that it would be loaded with free and open source software, but the truth is that it's not that simple or even intuitive. For example, it's true that the Linux kernel is an open source project and that it's freely distributable, but there are some people in the community that say it's not enough. Read more

Google and Facebook feel the wrath of German open source advocate

Open-Xchange CEO Rafael Laguna has hit out at the closed nature of services offered by Silicon Valley giants like Google and Facebook. Speaking in Paris earlier this month, Laguna said many of Silicon Valley's largest companies, and others like them, need to open up their proprietary systems to comply with laws around the world and uphold many of the citizen’s rights that people have fought for over the last several hundred years. Read more

Best of open hardware in 2014

Open hardware is the physical foundation of the open movement. It is through understanding, designing, manufacturing, commercializing, and adopting open hardware, that we built the basis for a healthy and self-reliant community of open. And the year of 2014 had plenty of activities in the open hardware front. Read more

Open Source Online Game Gets Students Excited About Linux

When Razvan Rughinis began teaching the introductory operating systems course at University Politehnica of Bucharest in Romania 10 years ago, he was challenged to get students interested in Linux and keep them interested for the entire three-month course. Many first-year computer science students have no experience with Linux, and they have no interest in learning it, said Rughinis a professor in the Computer Science and Engineering Department. And those students who do know Linux are regarded as unusual and treated as social outcasts, he said. “They wouldn't pay attention to the first experience to see what Linux has to offer; not just the desktop, but how the services work and the depth of the system,” he said. “It's a steep learning curve for students coming from high school. Their first encounter was too difficult.” Read more