Hackers Claim Crack of Microsoft Genuine Advantage Scan

By David Morgenstern


Microsoft Corp. on Tuesday pushed its WGA program over the Internet, hoping to thwart users running illegal or pirated copies of Windows XP and Windows 2000.
However, online enthusiast sites reported on Thursday that the verification method had been broken in 24 hours. ADVERTISEMENT
According to one site, the hack is simply a short JavaScript string that is pasted into the address bar of Internet Explorer before users make a choice in one of the Windows Update screens.


WGA certifies that a user's system is running a genuine and legal copy.

This certification is now needed before users can receive non-security updates from Microsoft's Windows Update, Microsoft Update and Download Center sites.

The Windows Genuine Advantage program targets Windows XP Professional, Windows XP Home, Windows XP Tablet editions and Windows 2000 systems. According to Microsoft, about 80 million Microsoft Windows customers use these services monthly.

Examples of popular applications covered under the Genuine Advantage program include Windows Media Player, DirectX for gaming and the new Windows anti-spyware products.

Click here to read more about Microsoft lowering the boom on illegal copies of Windows. http://www.eweek.com/article2/0,1895,1840634,00.asp


Microsoft uses an ActiveX control to validate users' software automatically. It is able to identify a genuine system by doing several checks. The text string entered into the browser appears to defeat the scan and allow updates.

A Microsoft spokesperson stressed expressed concern that users might mistake this issue as a security vulnerability rather than one of piracy.

"WGA differentiates genuine Windows software from counterfeit software enabling customers to enjoy the capabilities they expect, confidence that their software is authentic and [take advantage of] ongoing system improvements that help them do more with their PCs, including over $450 in software and discounts only available to genuine users," the spokesperson said. "Because of the high value we are providing to genuine users, we're not surprised hackers would try a number of methods to circumvent the safeguards provided by WGA."

According to the spokesperson, the company was investigating the claims at this time and would take action in response as appropriate. "As the validation system is updated from time to time, we will address this and other issues that may arise," he continued.

"Keep in mind, our objective with WGA is to empower users who are victims of piracy and counterfeiting by enabling them to receive genuine Windows. Over 40 million people chose to participate over the past 10 months, which tells us that customers value what our program has to offer," he concluded.

Read more here about reactions to Microsoft's attempts to crack down on piracy. http://www.eweek.com/article2/0,1895,1786884,00.asp

The latest reports follow on the heels of an earlier workaround uncovered by a security researcher in May.

In that case, a private vulnerability analyst published a detailed proof-of-concept demonstration that showed how the WGA validation check could be defeated by generating new WGA key codes.

Editor's Note: This story was updated to include comments from a Microsoft spokesperson.

Check out eWEEK.com's Windows Center for Microsoft and Windows news, views and analysis.

http://www.eweek.com/article2/0,1759...129TX1K0000610

Copyright (c) 2005 Ziff Davis Media Inc. All Rights Reserved.