Microsoft confirms Vista OEM hack

Hack may allow users to bypass antipiracy feature, but no action is planned yet, according to a post on the Windows Genuine Advantage blog.

In response to widespread chatter on blogs and forums, Microsoft has acknowledged the presence of hacks that may allow pirates to bypass the product activation security feature in its Windows Vista operating system.

According to a post by Microsoft Senior Product Manager Alex Kochis on the Windows Genuine Advantage developers' blog, Microsoft has identified two ways in which hackers have broken the product activation security feature on original equipment manufacturer PCs that come bundled with Vista. But the Redmond, Wash.-based tech giant does not yet have plans to snuff out this threat.

"We focus on hacks that pose threats to our customers, partners and products," Kochis wrote. "Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows. Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims."

Microsoft first introduced product activation as a security feature with its Windows XP operating system, which launched in 2001.

Reports of a vulnerability in Vista's product activation began to surface last month with word of a crack called "Vista Loader 2.0," an enhanced version of the "Vista Loader 1.0" that was devised by Chinese hackers, according to a March 10 post on the My Digital Life blog. Vista Loader, the post explained, simulates an OEM motherboard's basic input-output system, software that is responsible for communication between the machine's hardware and the operating system. Consequently, with a BIOS simulator, the registration process that would normally lock out an unauthorized copy of Windows Vista could be bypassed.

While Microsoft is not immediately taking action, Kochis did acknowledge on the Windows Genuine Advantage blog that this could be a problem. "Because Windows Vista can't be pirated as easily as Windows XP, it's possible that the increased pressure will result in more interest in efforts to attack the OEM Activation 2.0 implementation," Kochis wrote.

Last month, it was believed that hackers had in Vista's product registration, but Microsoft refuted the claim shortly afterward. Another , this one involving a random product key generator, was also debunked in March.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Details about Apple's 'spaceship' campus from the drone pilot who flies over it

MyithZ has one of the most popular aerial photography channels on YouTube. With the exception of revealing his identity, he is an open book as he shares with CNET's Brian Tong the drone hardware he uses to capture flyover shots of the construction of Apple's new campus, which looks remarkably like an alien craft.

by Brian Tong