Advertisement
Promo

Security threats Toolkit

Microsoft acknowledges Vista OEM hack

Caroline McCarthy CNET News

Published: 13 Apr 2007 09:38 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

In response to widespread chatter on blogs and forums, Microsoft has acknowledged the presence of hacks that may allow hackers to bypass the product activation security feature in its Windows Vista operating system.

According to a post by Microsoft senior product manager Alex Kochis on the Windows Genuine Advantage developers' blog, Microsoft has identified two ways in which hackers have broken the product activation security feature on original equipment manufacturer PCs that come bundled with Vista. But the tech giant does not yet have plans to snuff out this threat.

"We focus on hacks that pose threats to our customers, partners and products," Kochis wrote. "Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows. Our first goal is to disrupt the business model of organised counterfeiters and protect users from becoming unknowing victims."

Microsoft first introduced product activation as a security feature with its Windows XP operating system, which launched in 2001.

Reports of a vulnerability in Vista's product activation began to surface last month with word of a crack called "Vista Loader 2.0", an enhanced version of the "Vista Loader 1.0" that was devised by Chinese hackers, according to a 10 March post on the My Digital Life blog. Vista Loader, the post explained, simulates an OEM motherboard's basic input-output system, software that is responsible for communication between the machine's hardware and the operating system. Consequently, with a Bios simulator, the registration process that would normally lock out an unauthorised copy of Windows Vista could be bypassed.

While Microsoft is not immediately taking action, Kochis did acknowledge on the Windows Genuine Advantage blog that this could be a problem. "Because Windows Vista can't be pirated as easily as Windows XP, it's possible that the increased pressure will result in more interest in efforts to attack the OEM Activation 2.0 implementation," Kochis wrote.

Last month, it was believed that hackers had found a loophole in Vista's product registration, but Microsoft refuted the claim shortly afterward. Another alleged hack, this one involving a random product key generator, was also debunked in March.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
27 out of 33 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

1 comment

  1. er ....wake up microsoft nostro

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters