Language Selection

English French German Italian Portuguese Spanish

Exploit Allows Windows XP Piracy

Filed under
Microsoft

There's a major chink in Microsoft's Windows XP anti-piracy armor, although Windows users are not at risk of security attacks.

A security researcher in India has discovered an uncomplicated and easy-to-exploit weakness in Microsoft Corp.'s WGA (Windows Genuine Advantage), an anti-piracy initiative that checks whether consumer and small-business customers are running legitimately licensed copies of Windows XP.

Debasis Mohanty, a private vulnerability researcher and analyst of malicious programs, published a detailed proof-of-concept demonstration to show how the WGA validation check can be defeated to generate key codes for use on illegal copies of Windows XP.

Mohanty's findings come as the world's largest software maker prepares a mandatory rollout of the program.

Microsoft has been testing the Genuine Advantage program through its Download Center, where users are urged to validate their copies of XP before obtaining certain software updates, patches and fixes.

If users decide against validating, they are still allowed to obtain the requested downloads, but later this summer updates will only be pushed out to valid copies. Security updates will not require validation, even after WGA goes mandatory.

A Microsoft spokesperson on Monday confirmed Mohanty's findings but insisted that the weakness presented no real threat to the company's attempts to strangle software pirates.

The spokesperson said there were no plans to modify the way WGA works, even after Mohanty's public demonstration, which was posted on a high-profile security mailing list.

Full Story.

More in Tux Machines

today's howtos

Ubuntu 16.04.2 LTS Delayed Until February 2, Will Bring Linux 4.8, Newer Mesa

If you've been waiting to upgrade your Ubuntu 16.04 LTS (Xenial Xerus) operating system to the 16.04.2 point release, which should have hit the streets a couple of days ago, you'll have to wait until February 2. We hate to give you guys bad news, but Canonical's engineers are still working hard these days to port all the goodies from the Ubuntu 16.10 (Yakkety Yak) repositories to Ubuntu 16.04 LTS, which is a long-term supported version, until 2019. These include the Linux 4.8 kernel packages and an updated graphics stack based on a newer X.Org Server version and Mesa 3D Graphics Library. Read more

Calamares Release and Adoption

  • Calamares 3.0 Universal Linux Installer Released, Drops Support for KPMcore 2
    Calamares, the open-source distribution-independent system installer, which is used by many GNU/Linux distributions, including the popular KaOS, Netrunner, Chakra GNU/Linux, and recently KDE Neon, was updated today to version 3.0. Calamares 3.0 is a major milestone, ending the support for the 2.4 series, which recently received its last maintenance update, versioned 2.4.6, bringing numerous improvements, countless bug fixes, and some long-anticipated features, including a brand-new PythonQt-based module interface.
  • Due to Popular Request, KDE Neon Is Adopting the Calamares Graphical Installer
    KDE Neon maintainer Jonathan Riddell is announcing today the immediate availability of the popular Calamares distribution-independent Linux installer framework on the Developer Unstable Edition of KDE Neon. It would appear that many KDE Neon users have voted for Calamares to become the default graphical installer system used for installing the Linux-based operating system on their personal computers. Indeed, Calamares is a popular installer framework that's being successfully used by many distros, including Chakra, Netrunner, and KaOS.

Red Hat Financial News