Hacker finds chink in Microsoft's anti-piracy armor

Hacker finds chink in Microsoft's anti-piracy armor

Summary: A security researcher in India has discovered "easy to exploit" ways to cheat Microsoft's OGA (Office Genuine Advantage) anti-piracy checks.

TOPICS: Microsoft, Security

A security researcher in India has discovered "easy to exploit" ways to cheat Microsoft's OGA (Office Genuine Advantage) anti-piracy checks.

Debasis Mohanty, a hacker with a history of circumventing Redmond's software validation tools, says there are numerous ways to bypass the checks, which generate a hash out of information from the installed Microsoft Office software and passes it to a server for verification.

According to a proof-of-concept released by Mohanty, a simple Google query for Office updates or add-ins will return direct download links to the file on Microsoft's server "without any validation check."

Mohanty also hinted that the OGACheckControl.dll can be patched to sidestep validation.  "However just to keep myself away from those scary legal notices, I do not want to release any patch at this point of time," he said in a note posted to the Full Disclosure mailing list.

Topics: Microsoft, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Scary legal notices

    Sort of like HollyWierd's CSS, the idea isn't to stop system access -- it's to trigger the DMCA so that anyone who even does research will spend the rest of his life in jail (or destitute thanks to the defense costs.)
    Yagotta B. Kidding
  • Message has been deleted.

    • What garbage logic is that?

      Let's see. Indians programmed "microsoft" (ok what happened to the thousands of Chinese, American, European and other programmers?). Given their piracy rate (wow, did you pull some numbers out of thin air? The last I checked, broadband penetration in India was nothing great, some countries you need to be more concerned about are those with good manufacturing setups in South east asia, China, etc where bootleg factories churn out pre-pressed CD/DVD's by the thousands).

      You conveniently forget the proud fact that there are a lot of extremely smart guys who are based in the US, Europe, Russia and other places who produce far more cracks than anything coming out of India. Don't underestimate our cracking skills or piracy rate!
  • Hacker finds (what?) in M$'s anti-piracy armor.

    I know Micro$haft isn't happy to hear about ways of getting around their weak "security," but if they're so offended by the weakness being called a "chink," they should just pack it up and go home.
    Mr. Roboto
    • Cute. Censorshipt software.

      With kool-aid man around, that explains much.

      Mr. Roboto
  • Oh no...

    Oh no Vista has been exploited that really is unexpected...At this point I'm not going to moan about Microsofts security or the like, as lord knows we can be doing without any more ill informed whining. People are quick to point the finger at Microsoft, but when you consider everybody and there dog is trying to exploit there software, so it doesn't really matter what they do as someone will find a way to exploit it, if Fort Knox had the same amount of people trying to break through its security it'd have been cleaned out years ago. Also people moan about poor security but anytime Microsoft do anything to increase security just as many people moan about that , so they can't win either way. Its also worth noting that while that guy in India was wasting his time with such a basic exploit, other people were running cracked versions of Vista with full access to all Windows and Office updates, thus rendering his exploit obsolete. I bid you good day.
    • Oh No, must be a LINUX User!

      What's wrong? Reading issue? COMPREHENSION Issues?? This article is about Microsoft OFFICE! Wait until the real VISTA issues are written about before gloating about them. (Prob about 1 day away).
      Troll Hunter
  • Not security, not zero day

    This is a perfectly good story, but it is not a security issue for Microsoft Office customers, and it is not a zero-day. Perhaps readers would benefit fron a definition of zero-day as you see it?
  • RE: Hacker finds chink in Microsoft's anti-piracy armor

    Mt2 turk MMO PvP game download online game servers
    <a href="http://www.metin2oyunu.org" title="metin2" target="_blank">metin2</a> - <a href="http://www.metin2oyunu.org/indir" title="metin2 indir" target="_blank">metin2 indir</a> - <a href="http://www.metin2oyunu.org/hileler" title="metin2 hile" target="_blank">metin2 hile</a> - <a href="http://www.metin2oyunu.org/gm-komutlari" title="metin2 gm komutlari" target="_blank">metin2 gm komutlari</a> - <a href="http://www.metin2oyunu.org/category/metin2-at-gorevleri" title="metin2 at gorevleri" target="_blank">metin2 at gorevleri</a>
    MMO online games, game related content turk mt2 pvp servers
    <a href="http://www.metin2pvpserver.net" title="metin 2" target="_blank">metin 2</a> - <a href="http://www.metin2pvpserver.net" title="pvp" target="_blank">pvp</a> - <a href="http://www.metin2pvpserver.net" title="server" target="_blank">server</a> - <a href="http://www.metin2pvpserver.net/knight" title="knight" target="_blank">knight</a>
    Mt2 turk MMO PvP game servers online
    <a href="http://www.metin2pvpserverlar.com" title="metin2 pvp sererler" target="_blank">metin2 pvp sererler</a> - <a href="http://www.metin2pvpserverlar.com" title="pvp serverlar" target="_blank">serverlar</a> - <a href="http://www.metin2pvpserverlar.com" title="pvp serverler" target="_blank">pvp serverler</a> - <a href="http://www.metin2pvpserverlar.com" title="metin2 pvp sererlar" target="_blank">metin2 pvp sererlar</a> - <a href="http://www.metin2pvpserverlar.com/pvp-kenti" title="pvp kenti" target="_blank">pvp kenti</a>

    download http://www.metin2oyunu.org game servers online http://www.metin2pvpserver.net turk mt2 pvp servers http://www.metin2pvpserverlar.com
    <a href="http://www.metin2turkiye.net" title="mt2" target="_blank">mt2</a>
    <a href="http://www.metin2turkiye.net" title="metin2 turk" target="_blank">metin2 turk</a>
    <a href="http://www.metin2turkiye.net" title="mt2 turk" target="_blank">mt2 turk</a>
    <a href="http://www.metin2turkiye.net" title="metin2 tr" target="_blank">metin2 tr</a>
    <a href="http://www.metin2oyunu.org/indir" title="metin 2" target="_blank">Metin 2</a>
    <a href="http://www.metin2oyunu.org/tag/alemt2-kaydol-alemt2-indir" title="alemt2 indir" target="_blank">alemt2 indir</a>
    <a href="http://www.metin2oyunu.org/tag/alemt2-kaydol-alemt2-indir" title="alemt2 kaydol" target="_blank">alemt2 kaydol</a>
    <a href="http://www.metin2oyunu.org/tag/alemt2-kaydol-alemt2-indir" title="alemt2" target="_blank">alemt2</a>
    <a href="http://www.metin2oyunu.org/tag/fancy-mt2-kaydol" title="alemt2 kaydol" target="_blank">fancymt2 kaydol</a>
    <a href="http://www.metin2oyunu.org/tag/fancy-mt2" title="alemt2 kaydol" target="_blank">fancy mt2</a>
    <a href="http://www.metin2oyunu.org/tag/mt2-pvp" title="mt2 pvp" target="_blank">mt2 pvp</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="metin2 pvp" target="_blank">metin2 pvp</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="metin2 pvp" target="_blank">metin2 pvp serverler</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="pvp" target="_blank">pvp</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="metin2" target="_blank">metin2</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="serverler" target="_blank">serverler</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="serverler" target="_blank">serverler</a>

    <a href="http://www.metin2pvpserver.net" title="metin2pvpserver" target="_blank">metin2pvpserver</a>
    <a href="http://www.metin2pvpserver.net" title="metin2 pvp server" target="_blank">metin2 pvp server</a>
    <a href="http://www.metin2pvpserver.net" title="metin2 pvpserver" target="_blank">metin2 pvpserver</a>
    <a href="http://www.metin2pvpserver.net" title="metin2pvp server" target="_blank">metin2pvp server</a>
    <a href="http://www.metin2pvpserver.net" title="metin2pvp" target="_blank">metin2pvp</a>
    <a href="http://www.metin2pvpserver.net" title="metin2 server" target="_blank">metin2 server</a>

    <a href="http://www.metin2pvpserverlar.com" title="metin2pvpserverlar" target="_blank">metin2pvpserverlar</a>
    <a href="http://www.metin2pvpserverlar.com" title="metin2 pvp serverlar" target="_blank">metin2 pvp serverlar</a>
    <a href="http://www.metin2pvpserverlar.com" title="metin2pvp serverlar" target="_blank">metin2pvp serverlar</a>
    <a href="http://www.metin2pvpserverlar.com" title="metin2 serverlar" target="_blank">metin2 serverlar</a>

    <a href="http://www.faceara.com" title="face" target="_blank">face</a>
    <a href="http://www.faceara.com" title="facebook" target="_blank">facebook</a>