Language Selection

English French German Italian Portuguese Spanish

Another way past Windows antipiracy found

Filed under
Microsoft

The check is meant to prevent people with pirated copies of the operating system from downloading additional software from Microsoft. By changing a setting in a Microsoft validation tool called "GenuineCheck.exe," it's possible to generate a code that will validate the Windows software on a machine as genuine even if it is pirated, according to a Web site publicized on Thursday in a posting to the popular Full Disclosure security mailing list.

Microsoft would not confirm that the method works, but the software maker is investigating the issue, a company representative said. "It is not a surprise for us that those who never intended to pay for software would try to find some way to circumvent Windows Genuine Advantage," the representative said.

Microsoft last week made the Windows piracy check mandatory for all customers who want to download add-ons for Windows XP and 2000. The effort, dubbed Windows Genuine Advantage, requires users to verify that they have a legitimate copy of the operating system before they can get files from Microsoft's download Web sites.

Tricking the check

For the software maker, the news could be another episode of people finding a way to get around WGA. Last week, several Web sites said it was possible to bypass the piracy lock by several means, including pasting a JavaScript string into the Web browser. Earlier this year, during WGA's pilot phase, a security researcher outlined another way to trick the check.

The GenuineCheck.exe tool is meant to provide an alternative way for people to prove that their copy of Windows is an official Microsoft version. The primary WGA checking mechanism uses ActiveX, which is not supported in all Web browsers. The popular open-source Firefox Web browser, for example, does not support ActiveX.

"To make the validation experience as user-friendly as possible, Microsoft engineered a process that enables customers to validate their systems easily, and unfortunately, unscrupulous users are able to exploit that," the Microsoft representative said.

According to the Thursday posting, all a PC user apparently has to do to have GenuineCheck.exe generate a valid code on a machine with pirated Windows XP is to run it in Windows 2000 compatibility mode. This is done by downloading the tool, right-clicking on the file and selecting "properties." Then select the "compatibility" tab in the menu and change the compatibility mode.

If the method actually works, it may be short-lived. "Microsoft will be updating the validation system from time to time and plans to address these issues," the Microsoft representative said.

WGA is a stepped-up effort by Microsoft to increase the number of Windows users that are actually paying Microsoft for its software. At the moment, the company estimates that roughly a third of Windows copies worldwide are not legitimate.

By Joris Evers
CNET News.com

More in Tux Machines

GNU/Linux and Servers

Kernel Space: Linux, Graphics

Leftovers: Software and Games

  • Best Linux remote desktop clients: Top 5 RDC in 2017
    This article was provided to TechRadar by Linux Format, the number one magazine to boost your knowledge on Linux, open source developments, distro releases and much more. Subscribe to the print or digital version of Linux Format here. SSH has been the staple remote access tool for the sysadmins since its advent. The cryptographic network protocol is synonymous with remote network services over an unsecured network. Admins use SSH to mount remote directories, backup remote servers, spring-clean remote databases, and even forward X11 connections. The popularity of single-board computers, such as the Raspberry Pi, has introduced SSH into the parlance of the everyday desktop users as well.
  • A Powerful Dual-Pane File Manager `Double Commander` New Update for Ubuntu/Linux Mint
    Double Commander is a powerful open source & cross platform file manager, inspired from total commander file manager but includes new ideas and features. It brings dual pane side by side experience to enhance the use of GUI for the user. The main window of the application is separated by two panels side by side that allow you to view the content of two different location or same and browse through folders with ease. For each file, image or folder, details such as name, extension, size, date and attributes are displayed in the list.
  • SoftMaker Office 2016 – Your alternative to LibreOffice?
    Depending on how you look at it, the world of office suites for Linux is either very rich or very poor. As the rather obscure idiom says: the tailor (hence the cliche suit reference) always goes naked. But in essence, you’re either using LibreOffice – used to be OpenOffice – or maybe something else. Probably nothing. However, there are quite a few office products for Linux: Kingsoft Office, SoftMaker Office, Calligra, standalone Abiword, some others, each offering a slightly different aesthetic and functional approach. We talked about this in the office suite competition article back in 2013, and a lot has changed since. LibreOffice finally became suitable for use side by side with Microsoft Office, as far as decent document conversion and fidelity go, and every one of these products has seen a large number of major and minor number increments. In the original piece, SoftMaker Office was kind of a dud, and it’s time to give it a full review. Let us.
  • Reports: PS4 is selling twice as well as Xbox One, overall [Ed: Xbox continues to be a loser]
    Microsoft stopped providing concrete sales data for its Xbox line years ago, making it hard to get a read on just how well the Xbox One is doing in the market compared to Sony's PlayStation 4. Recent numbers released by analysts this week, though, suggest that Sony continues to dominate this generation of the console wars, with the PS4 now selling twice as many units worldwide as the Xbox One since both systems launched in late 2013. The first set of numbers comes from a new SuperData report on the Nintendo Switch, which offhandedly mentions an installed base of 26 million Xbox One units and 55 million PS4 units. That report is backed up by Niko Partners analyst Daniel Ahmad, who recently tweeted a chart putting estimated Xbox One sales somewhere near the middle of the 25 million to 30 million range.
  • PPSSPP (PSP) Emulator 1.3.0 Version Released, Install in Ubuntu/Linux Mint
    PPSSPP is a PSP emulator written in C++, and translates PSP CPU instructions directly into optimized x86, x64 and ARM machine code, using JIT recompilers (dynarecs). PPSSPP is an open source project, licensed under the GPL. PPSSPP can run your PSP games on your PC in full HD resolution, it is cross-platform application. It can even upscale textures that would otherwise be too blurry as they were made for the small screen of the original PSP.

Security Leftovers