[Clips] Hackers Hit Microsoft Windows Genuine Advantage
R.A. Hettinga
rah at shipwright.com
Mon Aug 1 22:35:18 EDT 2005
--- begin forwarded text
Delivered-To: clips at philodox.com
Date: Mon, 1 Aug 2005 22:34:52 -0400
To: Philodox Clips List <clips at philodox.com>
From: "R.A. Hettinga" <rah at shipwright.com>
Subject: [Clips] Hackers Hit Microsoft Windows Genuine Advantage
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com
<http://www.informationweek.com/story/showArticle.jhtml?articleID=166403976>
InformationWeek > Security >
Genuine Advantage was supposed to block users from pirating Windows, but
hackers defeated the program in a matter of days.
By The Associated Press
Days after Microsoft launched a new anti-piracy program, hackers have
found a way to get around it.
The software company's new program, called Windows Genuine Advantage,
requires computer users to go through a process validating that they're
running a legitimate copy of the Windows operating system before
downloading any software updates except for security patches.
But the check can be bypassed by entering a simple JavaScript command in
the Web browser's address bar and hitting the "Enter" key. When that's
done, the validation does not run and the user is taken directly to the
download.
Microsoft said it was investigating and that the glitch was not a security
vulnerability.
The hack appears only to work when a computer user is trying to download
software through the Windows Update service. Some software, such as
Microsoft's AntiSpyware beta, isn't available there but can be found
elsewhere on microsoft.com.
Such downloads also require validation, but the hack does not appear to
work. On Friday, attempts to download the antispyware program resulted in a
server error, with a message that read, "It appears that our activation
servers are not functioning properly."
All Windows users, even those with pirated copies, can still download
security patches. For any other software updates, Microsoft now requires
computer users to validate that their computers aren't running counterfeit
copies of Windows.
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
_______________________________________________
Clips mailing list
Clips at philodox.com
http://www.philodox.com/mailman/listinfo/clips
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list