A new security hole has been discovered in Microsoft’s product activation process that allows pirates to get a legitimate copy of Windows 8 for free. The loophole is based around the ongoing Windows Media Center promotion that is giving away free Media Center keys to Windows 8 Pro users until January next year. Essentially, all pirates need to do is receive an upgrade key from Microsoft and use it to convert an illegal copy of the operating system into a genuine one.
With previous versions of Windows pirates relied on volume keys to activate illegal copies of the operating system. Windows would bypass activation when volume keys were used to make it easier for OEMs to mass deploy the operating system on their machines. Since there is no technical limits on the number of possible activations, some software pirates have exploited volume licensing to acquire illegitimate copies of Windows.
This is not possible with Windows 8 as Microsoft no longer allows volume keys – each copy of Windows 8 requires a unique activation key. Until the discovery of the new security hole the only way out for pirates was to use local KMS (Key Management Server) to activate their copies for 180 days, and then rearm their copies every six months. However, this new and embarrassing security hole could enable practically anybody to acquire a genuine copy of Windows 8 without paying anything, thanks to Microsoft’s generous promotion.
Basically, this is how it works: pirates install Windows 8 Pro using any valid key, even if it's in use and, once the system is installed, activate it with a KMS server. Then request a free Windows Media Center upgrade key from Microsoft, install the Windows Media Center pack using the key provided and then activate Windows. Since your new product key is valid and unique, you'll activate permanently with no issues.
This is made possible because Microsoft don’t bother to check if the key you are currently using is valid. As long as the system is activated, even if it is activated with KMS, it will take the key and apply the upgrade. Since the WMC key comes directly from Microsoft and is unique for each user, it activates Windows 8 Pro permanently.
Now that the word is out through Reddit, Microsoft will likely to add a key check before they allow product activation.
Photo credit: Computer pirate from BigStockPhoto
No comments:
Post a Comment