Software // Enterprise Applications
News
7/28/2005
04:47 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Microsoft Investigates Reported Hack of Windows Authenticity Check

A popular blog reports that Microsoft's online validation process for Windows has been hacked.

"Does it matter if your copy of Windows is genuine?" Microsoft asks, knowing full well the impact of illegally copied software on its bottom line. "Yes, if you want the confidence of knowing that your software is legitimate and fully supported. And only genuine Windows customers can receive product downloads, Windows updates, and special offers."

That was true yesterday, but today hackers have come up with a way to disable Microsoft's online validation check. As noted in popular blog Boing Boing and elsewhere, by pasting a single line of JavaScript code into their Web browsers during the Windows Genuine Advantage validation process, users of counterfeit copies of Microsoft Windows can bypass the authenticity test, enabling them to receive product downloads, Windows updates, and special offers, just like paying customers.

Also, a Slashdot thread on the subject suggested several readers had tried it for themselves successfully.

No doubt Microsoft will disable this hack shortly, if it hasn't already. "The hack as far as we can tell is not a security vulnerability nor does it put customers at risk," a Microsoft spokesman said. "We're investigating the claims now, and we're going to take action in response to those as appropriate."

The irony here is that the validation process relies on an ActiveX control, a small executable code package that users of Internet Explorer can download and run on their computers. Computer security organizations like the CERT Coordination Center have recommended disabling ActiveX as a way to defend against security flaws in Internet Explorer.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 7, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.