Language Selection

English French German Italian Portuguese Spanish

Exploit Allows Windows XP Piracy

Filed under
Microsoft

There's a major chink in Microsoft's Windows XP anti-piracy armor, although Windows users are not at risk of security attacks.

A security researcher in India has discovered an uncomplicated and easy-to-exploit weakness in Microsoft Corp.'s WGA (Windows Genuine Advantage), an anti-piracy initiative that checks whether consumer and small-business customers are running legitimately licensed copies of Windows XP.

Debasis Mohanty, a private vulnerability researcher and analyst of malicious programs, published a detailed proof-of-concept demonstration to show how the WGA validation check can be defeated to generate key codes for use on illegal copies of Windows XP.

Mohanty's findings come as the world's largest software maker prepares a mandatory rollout of the program.

Microsoft has been testing the Genuine Advantage program through its Download Center, where users are urged to validate their copies of XP before obtaining certain software updates, patches and fixes.

If users decide against validating, they are still allowed to obtain the requested downloads, but later this summer updates will only be pushed out to valid copies. Security updates will not require validation, even after WGA goes mandatory.

A Microsoft spokesperson on Monday confirmed Mohanty's findings but insisted that the weakness presented no real threat to the company's attempts to strangle software pirates.

The spokesperson said there were no plans to modify the way WGA works, even after Mohanty's public demonstration, which was posted on a high-profile security mailing list.

Full Story.

More in Tux Machines

Security Stunts From Microsoft and Crash Reporting

today's leftovers

Software: Liberation of Code, GNU Parallel, Devhelp

  • When should you open source your software?
    It’s 20 years this this since the term ‘Open Source’ was coined. In that time the movement for free and open software has gone from a niche to a common method of distribution and a normal way of operating for businesses. Major technology shifts are now driven by open source technologies: Big Data (Hadoop, Spark), AI (TensorFlow, Caffe), and Containers (Docker, Kubernetes) are all open projects. Massive companies including Google, Facebook, and even Lyft regularly release Open Source tools for the world to use. Microsoft – whose former CEO once described Linux as a cancer – now embraces the concept.
  • GNU Parallel 20180422 ('Tiangong-1') released
    Quote of the month: Today I discovered GNU Parallel, and I don’t know what to do with all this spare time. --Ryan Booker
  • Devhelp news
    For more context, I started to contribute to Devhelp in 2015 to fix some annoying bugs (it’s an application that I use almost every day). Then I got hooked, I contributed more, became a co-maintainer last year, etc. Devhelp is a nice little project, I would like it to be better known and used more outside of GNOME development, for example for the Linux kernel now that they have a good API documentation infrastructure (it’s just a matter of generating *.devhelp2 index files alongside the HTML pages).

today's howtos