Microsoft admits hacks on Vista OEM BIOS

Microsoft admits hacks on Vista OEM BIOS

Microsoft's anti-piracy team has acknowledged that hacks against Windows Vista's OEM BIOS activation scheme are circulating, but seemed to say it has no plans to immediately counter the threat.

Alex Kochis, senior product manager of Windows Genuine Advantage (WGA), spelled out the hacks, which try to spoof how major computer makers pre-activate Windows Vista before shipping systems to customers. To make original equipment manufacturers (OEM) jobs easier, Kochis says, Microsoft has long let them add a marker in the motherboard's BIOS to identify PCs licenced to boot Windows.

OEM BIOS hacks aren't new, he says. But ironically it's Vista's new anti-counterfeit defences that may make them more popular. "Because there were easier ways to pirate Windows XP, I don't think much attention was ever paid to [OEM hacking]," says Kochis. "However, because Windows Vista can't be pirated as easily as Windows XP, it's possible that the increased pressure will result in more interest in efforts to hack OEM Activation 2.0."

At least two OEM BIOS hack strategies are in use, Kochis says, including one that uses software to trick a pirated copy of Vista into thinking it's running on a legitimate OEM-activated system.

Kochis, however, was ambiguous about whether the WGA group is planning immediate action against these hacks. "It's worth noting we prioritise our responses, because not every attempt deserves the same level of response," says Kochis. "Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows.

"Our first goal is to disrupt the business model of organised counterfeiters and protect users from becoming unknowing victims. This means focusing on responding to hacks that are scalable and can easily be commercialised."

If true, the stance would be at odds with past behaviour by Microsoft and its WGA team. Last month, when a web site posted a tool that its maker claimed could crack Windows Vista's activation process, WGA reacted the next day, saying it was investigating the hack.

Microsoft did not immediately respond to a request to clarify whether WGA is now on the OEM BIOS hack case.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Microsoftvista



How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments