Microsoft Genuine Disadvantage

28 07 2005

Less than 24 hours ago, M$ said “We’re not giving you optional updates,if you aren’t ‘legit’”  Many people complained.

Someone on BoingBoing did a little digging and learning, rather than moaning and whining.   Result:  one line patch…no more Check!  And the Cat and mouse game continues.

The patch apparently is:

Before pressing ‘Custom’ or ‘Express’ buttons paste this text to the address bar and press enter:


It turns off the trigger for the key check.

Further:  Various workarounds have been rounded up:


Microsoft last week made validation of its operating system mandatory for all Windows XP and 2000 users. As of July 26, downloading software via Windows Update, the new Microsoft Update, or the Microsoft Download Center requires a PC to pass a real-time test for an authorized, licensed OS. (The Redmond company is making exceptions for patches it labels “critical” for security.) The validation test had been optional since late last year, when Microsoft initiated its “Windows Genuine Advantage” program to reduce piracy.
It took only one day for programmers to demonstrate that the new testing mechanism was poorly implemented. The tech blog
reported on July 28 that entering a single line of JavaScript into a browser’s address bar bypasses the validation routine. Using a different approach, Rafael Rivera of released similar methods that involve installing small user scripts.
Shortly thereafter, Ryan Foley
published on his Technomyst blog an even simpler trick. Users receive a Windows Genuine Advantage ActiveX component when downloading software for the first time under the new regime. After closing and restarting Internet Explorer, users can then click Tools, Internet Options, Programs, Manage Add-Ons. Merely clearing the check box next to Windows Genuine Advantage prevents the test from taking place.
Another easy method was also published by
Sinhack Research Labs. As explained in a posting to the Full Disclosure discussion list, downloading Microsoft’s own GenuineCheck.exe program, and configuring it to run in “Windows 2000 compatibility mode,” makes the test always succeed in Windows XP.
I don’t advocate pirating software, and in fact I recommend that you take advantage of Microsoft’s
Genuine Windows Offer if you find that you somehow purchased a counterfeit Windows CD. The Redmond company will send you a licensed copy of Windows XP for free if you submit a piracy report and the disc. Those with a bogus OS but without a black-market CD can get XP for the discounted price of $99 USD (XP Home) or $149 (XP Pro).
Microsoft announced that the flaws would be corrected. They may even have been fixed by the time you read this.
But the weak stress testing that the software giant obviously conducted on Genuine Advantage — an initiative it knew would be high profile — is disturbing. If Microsoft allows such elementary weaknesses to ship in its most visible campaigns, how many holes still exist in Windows’ less-well-known software components?



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: