Language Selection

English French German Italian Portuguese Spanish

Exploit Allows Windows XP Piracy

Filed under

There's a major chink in Microsoft's Windows XP anti-piracy armor, although Windows users are not at risk of security attacks.

A security researcher in India has discovered an uncomplicated and easy-to-exploit weakness in Microsoft Corp.'s WGA (Windows Genuine Advantage), an anti-piracy initiative that checks whether consumer and small-business customers are running legitimately licensed copies of Windows XP.

Debasis Mohanty, a private vulnerability researcher and analyst of malicious programs, published a detailed proof-of-concept demonstration to show how the WGA validation check can be defeated to generate key codes for use on illegal copies of Windows XP.

Mohanty's findings come as the world's largest software maker prepares a mandatory rollout of the program.

Microsoft has been testing the Genuine Advantage program through its Download Center, where users are urged to validate their copies of XP before obtaining certain software updates, patches and fixes.

If users decide against validating, they are still allowed to obtain the requested downloads, but later this summer updates will only be pushed out to valid copies. Security updates will not require validation, even after WGA goes mandatory.

A Microsoft spokesperson on Monday confirmed Mohanty's findings but insisted that the weakness presented no real threat to the company's attempts to strangle software pirates.

The spokesperson said there were no plans to modify the way WGA works, even after Mohanty's public demonstration, which was posted on a high-profile security mailing list.

Full Story.

More in Tux Machines

$89 Symple PC Project Evidently Dead

Phoenix based Symple PC, which offered refurbished “web workstations” running Ubuntu for $89, has evidently ridden off into the night of no return. Since at least August 24, the company’s website has said the product is “No Longer Availabe,” although the website remains operational. Numerous attempts to contact the company for clarification have gone unanswered. Read more

The Nexus 6P takes Android smartphones to new heights (Review)

Thanks to Huawei and Google, I have become a true fan of stock Android and simply do not desire to change to another smartphone which is a first for me. The Nexus 6P truly is premium and is a product that both should be tremendously proud of. Both companies should take a bow and we all should stand and applaud this device. With superior software, gorgeous and durable build, a super high resolution display, fantastic camera, a new fingerprint reader, dual-front facing speakers and incredible battery life, the Nexus 6P leaves no detail behind. Read more

PeaZip 5.9.0 Open Source Archiver Adds Support for Extracting RAR5 Files on Linux

The developers of the PeaZip software, a cross-platform and open-source graphical application designed as a front-end for some popular archive managers, such as 7z, p7zip, RAR, ZIP, etc., announced the release and immediate availability of PeaZip 5.9.0. Read more

MakuluLinux Aero Edition Officially Released, Based on Ubuntu 14.04 LTS

Today, November 29, Jacque Montague Raymer of MakuluLinux had the great pleasure of announcing the release and immediate availability for download of the final version of the MakuluLinux Aero Edition computer operating system. Read more