Pirates Spoof Vista's Enterprise Activation
Pirates Spoof Vista's Enterprise Activation
The software spoofs a Key Management Service server, one of the two technologies that Microsoft debuted last month that let businesses activate a large number of copies of Windows Vista.
Pirates are circulating a hack that lets them activate counterfeit copies of Windows Vista using a spoofed server that Microsoft relies on to make sure enterprises switch on the new operating system.
The software, loaded with the long name of "Microsoft.Windows.Vista.Local.Activation.Server-MelindaGates" is available on several pirate Web sites. It spoofs a Key Management Service server, one of the two technologies that Microsoft debuted last month that let businesses activate a large number of copies of Windows Vista. KMS requires that at least 25 PCs be connected to a corporation's network.
Vista is the first version of Windows that Microsoft requires volume license customers to activate. Besides KMS, the Redmond, Wash. developer also offers Multiple Activation Key, which resembles the retail version's activation process. PCs activated using KMS must reactivate at least once every six months.
The MelindaGates hack uses a VMware image of a KMS server to activate -- and keep activated -- a pirated edition of Windows Vista Business. "Looks like Windows Vista Volume Activation 2.0 is a big bust," wrote a user identified as "clank" on the PirateBay Web site Friday.
Like every edition of Windows, Vista has been plagued with counterfeit copies. Pirated editions with cracked activation keys were posted long before Microsoft officially launched the OS Nov. 30.
However, the Redmond, Wash. developer has gone to greater lengths to stymie counterfeiting, including the overall effort it's dubbed "VA 2.0" for Volume Activation 2.0, which uses a new set of technologies to activate and validate Vista and essentially turn off faux copies.
One of the ways to activate Windows Vista available to Microsoft volume licensing customers is Key Management Service or KMS that requires a centralized server that clients can activate against every 180 days. As such, it's the server that hosts the product keys; and not the client machines.
Thus, with KMS, a company can run a Microsoft-supplied authorization server on its own network, and activate Vista without contacting Microsoft for each copy.
Although KMS is meant to benefit system administrators with many on-site clients, reports are already doing the rounds that some hackers have used a VMWare image and a VBS script to simulate a local KMS that can generate valid Vista product keys.
This workaround, dubbed "Microsoft.Windows.Vista.Local.Activation.Server-MelindaGates," can activate both Enterprise and Business editions of Vista. However, the Home and Ultimate editions of Vista cannot work with a KMS, so they cannot be easily activated with the MelindaGates Hack.
Reportedly, the hacked download is available online on sites such as 'The Pirate Bay' and other file sharing sites.
The MelindaGates Hack or download is a VMWare image. The idea is to download and install VMWare Player (a legal free download); boot the image; and use some VBS script (supplied with the activation server download) to have the client Vista machine get its activation from the local server. And, there is no communication back to Microsoft.
Microsoft has refused to comment on the hack.
Actually, Microsoft designed Vista as its first Windows OS requiring volume users to activate each product, and this was integrated mainly as an anti piracy measure.
Of the latest reports, several security experts are not at all surprised that hackers have come up with a workaround for Vista's product activation; however, there are others who feel that Microsoft should be happy that it took none less than the acquisition of a KMS server to fool Vista into activating...
Courtesy www.techtree.com ,www.slashdot.com
