Microsoft Updates Vista To Block 'Frankenbuild' Counterfeits

The move was prompted by the appearance of DVD counterfeits of Windows Vista in various parts of the world, including Brazil.

Gregg Keizer, Contributor

December 14, 2006

3 Min Read

Microsoft on Thursday responded to hacks that break Windows Vista's antipiracy protection by issuing an update that essentially kills some of the counterfeit copies.

"In the event illegal workarounds or other counterfeit Windows Vista code are posted to the Internet or become available through other means, Microsoft will take appropriate action to protect users from the risks of using counterfeit copies and to protect its intellectual property," the company said Thursday in a statement.

The move was prompted by the appearance of DVD counterfeits in what the company described as "various parts of the world," including Brazil. The counterfeit, which Microsoft engineers have dubbed "frankenbuild," sidesteps Vista's activation by cobbling an operating system from files drawn from both this fall's Release Candidate (RC) and November's Release To Manufacturing (RTM) versions.

Microsoft has issued an update to Vista via Windows Update that detects the frankenbuild counterfeit, then demands a valid activation key.

"Windows Vista will use the new Windows Update client to require only the 'frankenbuild' systems to go through a genuine validation check," said Alex Kochis of the Windows Genuine Advantage team on the group's blog. "These systems will fail that check because we have blocked the RC keys for systems not authorized to use them. In other words, the wrong key is being used.

"The systems will then be flagged as non-genuine systems and the experience will be what we announced back in October, including losing certain functionality, and the system will have 30 days to activate with a good product key," Kochis added.

In October, Microsoft spelled out Vista's copy protection scheme, which blends product activation and Windows validation. Under the new plan, called Software Protection Platform, copies of Vista that don't activate with a legitimate product key within 30 days drop into a reduced functionality mode, which lets the user run only the default browser, and then only for an hour at a time. Some analysts have tagged the new activation process as giving Microsoft the ability to set a "kill bit" that makes Vista unusable. A second hack that involves a virtual machine image and a spoofed Key Management Service (KMS) server—one of the two technologies that Microsoft offers enterprises to activate a large number of copies of Vista—was acknowledged by Kochis, but apparently not addressed in the update.

"The other workaround involves the use of some virtualization technology and our practices for activating larger business customers," noted Kochis. Microsoft didn't immediately reply to questions about what steps, if any, it would take to block the KMS anti-activation technique.

Microsoft used stern language in its statement to warn it would keep pirates from using phony copies of its new OS, which goes on sale to consumers on Jan. 30. "Microsoft will periodically review product keys that appear to have been leaked or stolen and will thoroughly investigate reports of system file tampering," the company said. "Microsoft will block these keys."

The company also reminded users that although Vista released last month to volume license customers, it wasn't yet widely available.

"Users can be confident that 100% of the copies of Windows Vista advertised for purchase or download prior to the January 30, 2007 consumer general availability date are counterfeit, and that any new PC purchased and pre-loaded with Windows Vista prior to general availability is improperly licensed or counterfeit," Microsoft said.

"We hope that this action will help get the message out that pirating Windows Vista will have real consequences and will, in turn, encourage people to check before they buy," concluded Kochis.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights