It's time for Microsoft's policy of tying the availability of Windows Updates to Windows Genuine Advantage (WGA) validation to end.
Brian Livingston writing for Windows Secrets had the following to say:
"It's ridiculous to say that Microsoft provides all security updates to Windows users, whether or not they pass Windows Genuine Advantage (WGA) validation. No, Microsoft doesn't.
"First of all, a system that fails WGA is restricted in using Microsoft's update and download sites.
"WGA has a reputation for rating some PCs as unlicensed when in fact they're completely legitimate. For this reason, many people exit Windows Update at this point and turn off Automatic Updates (if it was enabled) rather than risk disabling their expensive computers."
Windows Update and WGA are interlinked. If you have a PC that doesn't validate as running a genuine copy of Windows (or you are uneasy about putting it through the validation process for whatever reason), then you are limited to receiving only those updates that are labeled as "Critical". While this still gives users access to the most important updates, it means that users miss out on updates classified as "Important" or "Moderate".
To make matters worse, back in 2006 someone at Microsoft decided to push an update for the WGA mechanism (KB905474) through the Windows Update mechanism and marked it as a "Critical" update. This mixing of genuine security updates and marketing propaganda was an enormous abuse of trust on Microsoft's part (Apple later pulled a similar stunt when it pushed Safari to Windows users though its software update mechanism) and shouldn't have been allowed to happen.
It's now time for Microsoft to disconnect WGA from all Windows related updates. Same goes from Office Genuine Advantage and updates for Microsoft Office. The current situation doesn't make good sense. I don't have a problem with Microsoft demanding that users wanting additional content (games, new apps, templates and so on) have to go through a validation process, but ALL updates should be available to ALL users, irrespective of whether users are running a genuine copy of Windows or not. Users who have unwittingly been sold a counterfeit copy of Windows shouldn't be penalized and have their security compromised. In fact, when it comes to security updates, even those who know they are running a pirated copy of Windows should get access to all updates. It's in everyone's best interests that as many machines as possible are patched.
[UPDATE: This is from a Microsoft spokesperson:
1. We offer all security updates, service packs, and other critical reliability updates on Windows XP and Windows Vista even if the machine is non-genuine (these are ‘Important’ and ‘High Priority’ Updates). 2. Other individual recommended or optional updates may or may not be blocked on Windows Vista, at our discretion (i.e., not ALL ‘Recommended’ and ‘Optional’ updates are only delivered to Genuine systems). 3. All Optional Updates on Windows XP are disallowed since the WU and MU sites prevent access from non-genuine machines, and ‘Optional’ Updates can’t be found through Automatic Updates on the local computer.
While I accept that this is true, the problem is that updates are still hidden behind a WGA wall. For example, take the following from Microsoft's own description of WGA:
Upon your first visit to the Microsoft Download Center, Windows Update, or Microsoft Update sites, you receive a message requiring you to validate your copy of Windows.
Another example is from Microsoft's download page for Windows Defender:
There are significant risks to running non-genuine Windows. Only genuine Windows customers can receive product downloads, Windows updates and special offers. Windows Defender will validate that your copy of Windows is genuine before installation. Furthermore, Windows Defender will only remove Severe threats for machines that are not genuine. Low, Medium and High threats will be detected, but not removed unless your copy of Windows is genuine.
These are just two examples of the WGA wall that Microsoft puts between users and updates.]