May 23, 2005 2:46 PM PDT
Bypass found for Windows piracy check
Researcher Debasis Mohanty outlined what he said was a technique to trick Microsoft's Windows Genuine Advantage validation check in a posting to the Full Disclosure security mailing list on Monday. WGA is a software tool that verifies whether a particular copy of the operating system is properly licensed.
Using a secondary Microsoft validation tool called "GenuineCheck.exe," it may be possible for people to trick the checking mechanism, Mohanty said in the posting. They could then download and run supposedly restricted software from Microsoft's Download Center on a PC running a pirated version of Windows, Mohanty wrote.
Microsoft confirmed that the technique could circumvent the piracy check, but a representative said Monday that the company is not worried.
"This represents very little threat to Microsoft," the representative said. "We expected counterfeiters to try a number of different methods to circumvent the safeguards provided by Windows Genuine Advantage."
The company has been testing the WGA piracy lock on its Download Center and Windows Update Web sites for several months. It has said that by an unspecified date in the middle of this year, all Windows XP and Windows 2000 users will have to validate their copy of Windows before they can download from the Web sites.
The GenuineCheck.exe tool used to bypass the check is meant to provide an alternative way for users to prove that their copy of Windows is genuine. The primary Windows Genuine Advantage checking mechanism uses ActiveX, which is not supported in all Web browsers.
GenuineCheck generates a code that can subsequently be used to validate a pirated copy of Windows, according to Mohanty's posting. However, a PC running a legitimate version of Windows is required to run the GenuineCheck tool.
The threat is mitigated because the keys generated by the GenuineCheck tool expire "rapidly," the Microsoft representative said. Consequently, it would not do anyone much good to put up a Web page with a list of keys. Still, somebody would be able to generate a key and use it immediately on a PC with a pirated copy, or pass it on to a friend.
"This is more of an individual method of pirating. We don't see this as too different from people who take legitimate software, burn it to a CD and distribute it to their friends that way," the Microsoft representative said.
Microsoft's Download Center and Windows Update Web sites offer applications such as Windows Media Player and the Windows AntiSpyware product, as well as security updates for Microsoft products. The trick with the GenuineCheck tool works only on Download Center, according to Microsoft.
When the Windows Genuine Advantage pilot program began last year, it was purely optional, with no benefit for verifying one's operating system and no penalty if the OS was found not to be genuine. Microsoft has gradually expanded the piracy check and is now withholding downloads for users of some international versions of Windows XP.
18 commentsJoin the conversation! Add your comment