Hackers spoof Vista activation feature

Hackers are distributing a file that they say lets users of the corporate version of Microsoft Corp.’s Windows Vista operating system get around the software’s anti-piracy mechanisms.

Windows Vista must be “activated,” or authorized by Microsoft, before it will work on a particular machine. To simplify the task of activating many copies of Vista, Microsoft offers corporate users special tools, among them Key Management Service (KMS), which allows a company to run a Microsoft-supplied authorization server on its own network and activate Vista without contacting Microsoft for each copy.

The software Microsoft.Windows.Vista.Local.Activation.Server-MelindaGates lets users spoof that KMS process, allowing them to activate copies of the enterprise editions of Vista, its creators say. The hacked download is available online on sites including The Pirate Bay and other file sharing sites.

Microsoft’s official KMS offering is available to customers with 25 or more computers running Vista. The machines activate the software by connecting to the KMS server, and must reactivate every six months.

KMS is not the only option that enterprises have for volume activation of Vista: they can also call Microsoft by phone or connect over the Internet to activate the software.

The MelindaGates hack allows users to download a VMware image of a KMS server which activates Windows Vista Business/Enterprise edition, its creators claim.

Microsoft did not respond to requests for comment on the hack.

Vista is the first Windows operating system that requires volume users to activate each product. The new activation processes are aimed at reducing piracy.

While one security expert said he isn’t surprised that KMS has been cracked, he said the MelindaGates hack offers some insight into piracy.

“This also shows how piracy is not just about kids swapping games,” said Mikko Hypponen, chief research officer of F-Secure Corp. “The only parties that would need a KMS crack would be corporations with volume licensing.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now